Microsoft is bringing synced passkeys and biometrics for Entra ID account recovery to public preview, as the company leans ...

Threat Groups Hijack Microsoft 365 Accounts Using OAuth Device Code Exploit Security researchers warn that threat groups are ...

Cybercriminals have launched a widespread phishing campaign exploiting Microsoft's OAuth device code flow to bypass MFA and ...

Proofpoint has warned about phishing campaigns abusing legitimate device authorization flow to bypass MFA and gain persistent ...

According to research from Kaspersky, scammers are inserting malware into pirate mods for Roblox and other games to steal ...

A new cybersecurity report says Microsoft leads all brands in phishing impersonation, with scams posing as support and ...

Among the major cyberattacks and data breaches in 2025 were nation-state infiltration by China and North Korea, as well as ...

A Russia-aligned threat group uses Microsoft 365 device code phishing to steal credentials and take over accounts, tracked ...

Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code ...

Cybercriminals, including state-sponsored threat actors, are increasingly abusing Microsoft’s OAuth 2.0 device code ...

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat ...

Microsoft is killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years ...