DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts

Read full story on The Hacker News
Share
DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts
AI disclosure

Summary

A Microsoft 365 device code phishing campaign has been observed leveraging collaboration-themed lures to take control of victim accounts between the last week of June 2026 and into early July, per findings from ZeroBEC. "The campaign did not depend on a fake Microsoft password page. It used a malicious collaboration-style lure to push users into the legitimate Microsoft device login experience,

Original reporting

Open original source

Related coverage

Read full article on The Hacker News

Get the AFBytes Brief

Major stories, AI-assisted analysis, and what to watch next. Free, monthly, unsubscribe anytime.