Attackers phish OAuth codes, take over Microsoft 365 accounts

Suspected Russian threat actors are using OAuth-based phishing attacks to get targets to grant them access to their Microsoft 365 (M365) accounts. “The primary tactics observed involve the attacker requesting victim’s supply Microsoft Authorization codes, which grant the attacker with account access to then join attacker-controlled devices to Entra ID (previously Azure AD), and to download emails and other account-related data,” according to Volexity researchers.

How the attack unfolds

These recently observed attacks rely heavily …

The post Attackers phish OAuth codes, take over Microsoft 365 accounts appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2025/04/23/microsoft-365-oauth-phishing/
Related news
- Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts
- Microsoft: Licensing issue blocks Microsoft 365 Family for some users
- Tycoon2FA phishing kit targets Microsoft 365 with new tricks
- ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK?
- Microsoft blocks ActiveX by default in Microsoft 365, Office 2024
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp
- New Microsoft 365 outage impacts Teams and other services