CSOonline

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...
GitHub

DeskHop - Fast Desktop Switching

Did you ever notice how, in the crazy world of tech, there's always that one quirky little project trying to solve a problem so niche that its only competitors might be a left-handed screwdriver and a ...
Security Boulevard

Surge of OAuth Device Code Phishing Attacks Targets M365 Accounts

A range of state-sponsored and financially motivated threat groups are abusing Microsoft’s OAuth 2.0 device authorization grant flow to trick users into giving them access into their M365 accounts.
The Hacker News

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims' Microsoft 365 credentials and conduct account takeover ...
GitHub

Syncs your VSCode projects to Start Menu on Windows 10/11

I use VSCode on Windows 11, but a pain point is whenever I want to open a specific project, I have to open VSCode and go to File -> Open Recent and pick the project from there (I could have also ...
Infosecurity-magazine.com

OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...