Topic: device authorization flow

Sort by: Relevance | Date
  • Microsoft Entra Accounts Targeted in Vishing Attacks
    February 20, 2026
    87%

    Microsoft Entra Accounts Targeted in Vishing Attacks

    A new wave of attacks combines device code phishing with voice phishing (vishing) to compromise Microsoft Entra accounts, exploiting the legitimate OAuth 2.0 device authorization flow to steal authentication tokens without traditional password theft. The **ShinyHunters** extortion group is believ...

    Read More »

Related Topics

threat actors (1) social engineering (1) security recommendations (1) multi-factor authentication (1) device code phishing (1) vishing attacks (1) single sign-on (1) authentication tokens (1)