Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor authentication (MFA) protections. It's advertised ...

Microsoft observed phishing-led exploitation of OAuth’s by-design redirection mechanisms. The activity targets government and public-sector organizations and uses silent OAuth authentication flows and ...

Hackers are hijacking Microsoft enterprise accounts by abusing a legitimate device-code authentication feature, tricking victims into entering attacker-generated codes on Microsoft’s own login portal.

Attackers trick users into approving access on real Microsoft pages OAuth device code phishing surged sharply since September 2025 Both cybercriminals and state-linked actors reportedly use this ...

Cybercriminals are launching a widespread wave of phishing attacks that bypass Multi-Factor Authentication (MFA) by exploiting a standard Microsoft 365 feature. Security researchers at Proofpoint warn ...

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...

Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...

An example project to demonstrate the OAuth 2.0 authorization code flow against a protected web api resource with RBAC roles.