A sophisticated phishing campaign leveraging the OAuth2 device code authentication flow has been identified by Microsoft Threat Intelligence. Tracked as “Storm-2372,” this threat actor, suspected to align with Russian state interests, has been targeting governments, NGOs, and industries across Europe, North America, Africa, and the Middle East since August 2024. The attack exploits the device … Continue reading Device Code Phishing Attack Exploits Authentication Flow for Token Hijacking