
Attackers Use Password-Protected PDF Lures to Launch Microsoft Device Code Phishing
Cybersecurity professionals have long advised users to verify domain names before entering credentials. However, a newly observed phishing campaign is turning this fundamental advice on its head. Threat actors are now tricking victims into authenticating directly on legitimate Microsoft portals, leveraging a technique known as Device Code Phishing. Between April and May 2026, researchers uncovered […]
The post Attackers Use Password-Protected PDF Lures to Launch Microsoft Device Code Phishing appeared first on Cyber Security News.