
Attackers Hijack Microsoft 365 Accounts Through OAuth Device Code Abuse Without Stealing Passwords
Analysts at ANY.RUN have identified a sharp spike in phishing campaigns exploiting Microsoft’s OAuth Device Authorization Grant flow, with more than 180 malicious URLs detected within a single week. Unlike conventional credential harvesting, this technique routes victims through legitimate Microsoft authentication pages, making it substantially harder for security operations centers (SOCs) to catch the compromise […] The post Attackers Hijack Microsoft 365 Accounts Through OAuth Device Code Abuse Without Stealing Passwords appeared first on Cyber Security News.