An ongoing phishing campaign that targets Microsoft 365 users by abusing OAuth tokens to gain long‑term access to corporate data, which focuses on business users in North America and aims to compromise Outlook, Teams, and OneDrive without directly stealing passwords. Instead of attacking login pages with fake forms, the operators trick victims into completing a […] The post Ongoing Campaign Targets Microsoft 365 to Steal OAuth Tokens and Gain Persistent Access appeared first on Cyber Security News.