Tycoon2FA hijacks Microsoft 365 accounts with stealth device-code phishing
Source: Escudodigital
Published:
<p>The notorious phishing-as-a-service platform Tycoon2FA has adopted a new tactic that abuses legitimate OAuth device codes to compromise Microsoft 365 accounts, allowing attackers to bypass traditional authentication barriers with alarming ease.</p> <p>A new evolution of Tycoon2FA is raising its l