State-linked and criminal hackers use device code phishing against M365 users | Cybersecurity Dive

State-linked and criminal hackers are increasingly using device code phishing to target Microsoft 365 users, abusing a legitimate authorization workflow to gain account access. Threat groups, including those affiliated with China and Russia, are employing tools like SquarePhish2 and Graphish to execute these attacks, with some actors even selling malicious tools on hacking forums.