Threat actors rarely stay down for long. Just weeks after a massive global takedown in March 2026, the notorious Tycoon 2FA Phishing-as-a-Service (PhaaS) kit has resurfaced with a dangerous new trick. Instead of stealing passwords, cybercriminals are now abusing Microsoft’s OAuth Device Authorization Grant flow to bypass Multi-Factor Authentication (MFA) entirely. Security researchers at the […]
The post Tycoon 2FA Adopts OAuth Device Code Attacks In MFA Bypass Campaign appeared first on Cyber Security News.