CSO Online

EvilTokens abuses Microsoft device code flow for account takeovers

The phishing-as-a-service toolkit leverages legitimate authentication to capture tokens and access Microsoft 365 services.
The Hacker News

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Device code phishing targets 340+ Microsoft 365 orgs since Feb 2026 via OAuth abuse, enabling persistent token hijacking and ...
Arabian Post

EvilTokens turns Microsoft sign-ins into bait

EvilTokens, a newly identified phishing-as-a-service operation, is offering cybercriminals a ready-made way to hijack Microsoft accounts by abusing a legitimate sign-in process rather than stealing ...
Security Boulevard

The Trivy Compromise: The Fallacy of Secrets Management and the Case for Workload Identity

The Trivy incident exposed a credential architecture failure, not just a supply chain one. Here’s the case for workload ...
CSO Online

Your MFA isn’t broken — it’s being bypassed, and your employees can’t tell the ...

Hackers aren't "breaking" your MFA anymore — they’re just riding shotgun during your login to steal the session token right ...