Security News > 2025 > April > Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp
2025-04-23 10:49
Multiple suspected Russia-linked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft 365 accounts since early March 2025. The highly targeted social engineering operations, per Volexity, are a shift from previously documented attacks that leveraged a technique known as device code
News URL
https://thehackernews.com/2025/04/russian-hackers-exploit-microsoft-oauth.html
Related news
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
- Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts (source)
- Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert! (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images (source)
- Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws (source)
- Russian hackers attack Western military mission using malicious drive (source)
- Hackers exploit WordPress plugin auth bypass hours after disclosure (source)