oauth

Windows users and IT professionals need to take extra caution as attackers continuously refine their phishing playbook. Recent reports reveal that sophisticated adversaries are leveraging vulnerabilities in OAuth 2.0 redirection flows to target Microsoft 365 environments. In these OAuth-themed...

If you’re going to be phished, you might as well be courted by some of Russia’s digital finest—at least that’s what a fresh report from Volexity would lead you to believe, as Ukraine-linked NGOs have found themselves starring in an unexpected cyber-espionage romcom, with the Russian hacking...

Every time the cybersecurity community thinks they’re getting ahead of attackers, someone comes along and turns a trusted workflow into a digital bear trap. That’s exactly what’s unfolding in the latest campaign orchestrated by Russian threat actors who are gleefully exploiting legitimate...

In a recent development, Russian threat actors identified as UTA0352 and UTA0355 have been targeting Ukraine-linked nongovernmental organizations (NGOs) by exploiting the OAuth protocol to compromise Microsoft 365 accounts. The Mechanics of the Attack The attackers initiated their campaign with...

They say trust is the cornerstone of any relationship—especially if that relationship is between you, the internet, and a determined Russian adversary with a penchant for phishy invitations and suspicious requests for OAuth codes. Phishing in the OAuth Era: New Tricks for Old Hackers When we...

Microsoft 365 users—especially those with links to Ukraine or human rights circles—have recently been finding themselves the unwitting stars in an international cyber-thriller: Russian-linked hackers are back, and this time, they've upgraded from phishing Netflix logins to abusing Microsoft's...

We live in an era where simply clicking a video call link could lead to the digital equivalent of inviting a burglar in for tea—and hackers are getting increasingly creative with their invitations, especially when it comes to Microsoft 365 access. The Evolving Art of Social Engineering (or: Why...

One recent morning, Nick Johnson did what many of us do: scanned his inbox, eyes glazed, sifting spam from signal. Then he spotted what looked like a run-of-the-mill Google security alert—legit sender address, DKIM check passed, sorted neatly with his real security alerts. The message: Google...

Innovative Phishing Tactics Threaten Critical Infrastructure Russian state-backed APT group Storm-2372 has triggered a new alarm in the cybersecurity community by leveraging an ingenious form of device code phishing to sidestep multi-factor authentication (MFA). This sophisticated attack...

Microsoft Defender XDR is evolving with a fresh wave of AI-powered features designed to sharpen cyber defenses and streamline security operations. In a series of announcements during the Secure 2025 cybersecurity conference, Microsoft unveiled new capabilities that integrate seamlessly into its...

Hackers are once again proving that even trusted platforms can be twisted for malicious purposes. A recent campaign, detailed by cybersecurity researchers, reveals that cybercriminals are employing fake OAuth applications—masquerading as popular services like Adobe Drive, Adobe Acrobat, and...

A fresh wave of OAuth abuse is making headlines, as cybercriminals continue to exploit trusted service brands like Microsoft 365 and GitHub for their nefarious purposes. Recently reported campaigns reveal the evolving tactics of threat actors, who are using sophisticated social engineering...

In today's rapidly evolving cybersecurity landscape, Microsoft 365 environments are facing a new breed of sophisticated attacks that exploit one of the most trusted authentication methods—OAuth. Recent investigations have revealed that threat actors are leveraging fake OAuth applications...

In today’s threat landscape, Windows users and Microsoft 365 administrators face increasingly sophisticated tactics from cybercriminals, who are now exploiting trusted workflows to compromise sensitive organizational data. Recent findings reveal that malicious actors are spoofing popular work...

Microsoft 365 credentials are now squarely in the crosshairs of a new, sophisticated cyberattack. In a campaign dubbed the ClickFix attack—as first reported by SC Media and detailed by BleepingComputer—the threat actors are using fake OAuth apps to pilfer sensitive credentials from government...

Cybercriminals are now weaponizing trusted brands to hijack Microsoft 365 accounts. In a worrying twist that almost seems ripped from a spy movie, hackers are impersonating legitimate Adobe and DocuSign apps to gain unauthorized access to valuable data and deploy malware. The Anatomy of the...

In recent cybersecurity developments, malicious Adobe and DocuSign OAuth applications have been reported as potential threats targeting Microsoft 365 environments. In a detailed investigation, security professionals discovered that these harmful apps are abusing the trusted OAuth framework to...

A clever new breed of phishing scam is on the rise and it's catching even the savviest users off guard. Researchers have uncovered a sustained campaign where Russian spies are using a technique known as "device code phishing" to gain unauthorized access to Microsoft 365 accounts. Windows users...

Security researchers and IT professionals are raising the alarm over a sophisticated new phishing variant that targets the OAuth 2.0 authorization code flow, particularly within Microsoft Azure Active Directory (Azure AD). In a detailed demonstration during the “Offensive Entra ID (Azure AD) and...

Project Rome Overview Project Rome is a platform for creating experiences that transcend a single device and driving up user engagement – empowering a developer to create human-centric scenarios that move with the user and blur the lines between their devices regardless of form factor or...