
Forg365 PhaaS Abuses Microsoft Device-Code Flow to Hijack M365 Sessions
A newly identified phishing-as-a-service (PhaaS) platform, Forg365, is abusing Microsoft’s device code authentication flow to hijack Microsoft 365 sessions at scale. ZeroBEC researchers uncovered the platform after tracing a business-document-themed phishing email back to a fully productized operator panel that offered AI-generated lures, token theft, and persistent session access as a subscription service. Forg365 operates […]
The post Forg365 PhaaS Abuses Microsoft Device-Code Flow to Hijack M365 Sessions appeared first on Cyber Security News.