Device Code Phishing
The latest Device Code Phishing coverage — news, analysis, and updates from the WindowsNews.AI desk.
Telegram Phishing Service ‘Forg365’ Exploits Microsoft’s Device Code Flow to Steal Sessions
Cybercriminals have weaponized Microsoft’s own device code authentication flow to hijack Microsoft 365 sessions, and a new phishing-as-a-service kit called Forg365 is making the attack accessible...
ARToken Panel: How a React-Based Phishing Kit Is Hijacking Microsoft 365 Sessions via Device Code Attacks
Cisco Talos has unearthed a menacing new threat actor panel dubbed ARToken, a React-based operator dashboard that streamlines the entire kill chain for compromising Microsoft 365 accounts. Tightly...
FBI Alert: Kali365 Phishing Kit Bypasses MFA via Device Code Phishing on Microsoft 365
The FBI issued a warning in May 2026 about a new phishing-as-a-service platform called Kali365 that hijacks Microsoft 365 accounts without a single fake login page. The platform, first spotted in...
FBI Warns Kali365 Phishing Kit Exploits Microsoft Device Code Flow to Slip Past MFA
The FBI’s Internet Crime Complaint Center (IC3) issued an urgent alert in May 2026 about Kali365, a newly identified phishing‑as‑a‑service platform that is systematically hijacking Microsoft...
FBI Warns of Kali365 Phishing Platform Hijacking Microsoft 365 via Device Code Attacks
The FBI has issued an urgent public warning about Kali365, a phishing-as-a-service platform that weaponizes device code authentication to steal Microsoft 365 access tokens. The alert, released in May...
FBI Warns Kali365 Phishing Steals OAuth Tokens to Bypass MFA in Microsoft 365
The FBI has issued an urgent public warning about a phishing-as-a-service platform called Kali365 that is systematically targeting Microsoft 365 accounts by abusing device-code authentication. The...
Windows Defeats AiTM Phishing with Passwordless Auth & Conditional Access
In today's digital landscape, identity has become the new perimeter for enterprise security. As organizations increasingly adopt cloud services and remote work models, cybercriminals are shifting...
Russian Hackers Exploit OAuth 2.0 in Microsoft 365 'Midnight Blizzard' Attack
The digital battlegrounds of cloud security witnessed a sophisticated escalation this summer as Russian state-sponsored hackers orchestrated a novel attack exploiting inherent weaknesses in OAuth 2.0...
Microsoft 365 BEC Attacks Surge: How Hackers Exploit Collaboration Tools
For Microsoft 365's 345 million global users, the familiar ping of an email notification now carries unprecedented risk. A new wave of Business Email Compromise (BEC) attacks is exploiting the...
Russian Hackers Exploit Microsoft OAuth in Storm-2372 Phishing Campaign
Russian state-sponsored hackers have unleashed a sophisticated phishing campaign exploiting a legitimate Microsoft authentication feature, marking a dangerous evolution in cloud account hijacking...
Securing Windows with Microsoft Entra: How to Combat Device Code Phishing Attacks
Microsoft Entra (formerly Azure Active Directory) is revolutionizing Windows security by introducing advanced protections against device code phishing—a growing threat in enterprise environments....
Storm-2372 device-code phishing bypasses MFA in Microsoft Teams attacks
Microsoft Teams has become the latest target in a sophisticated phishing campaign dubbed Storm-2372, putting millions of users at risk. Cybersecurity researchers have uncovered a new device code...