New VENOM phishing attacks steal senior executives' Microsoft logins

Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called "VENOM" are targeting credentials ...
Microsoft

Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees

Microsoft Incident Response – Detection and Response Team (DART) researchers observed an emerging, financially motivated ...
Yahoo Malaysia

Microsoft Warning—New And Widespread 2FA Code Attacks Confirmed

The Microsoft Defender Security Research Team has confirmed that a pervasive new authentication code attack is compromising ...

Microsoft Confirms New And Widespread 2FA Code Attacks Ongoing

The Microsoft Defender Security Research Team has confirmed that a pervasive new authentication code attack is compromising ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

Device code phishing attacks surge 37x as new kits spread online

Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more ...
Arabian Post

EvilTokens turns Microsoft sign-ins into bait

EvilTokens, a newly identified phishing-as-a-service operation, is offering cybercriminals a ready-made way to hijack Microsoft accounts by abusing a legitimate sign-in process rather than stealing ...
GitHub

2026-03-23- Device-Code-based-OAuth-Phishing.txt

Active device code phishing campaign impersonating a popular cloud-based file storage service and two prominent electronic signature and document workflow platforms. Instead of harvesting credentials, ...
Palm Beach Post

Laurie Smith Uncovers Four Simple Steps to Access the Flow State

SAN FRANCISCO, CA, UNITED STATES, March 12, 2026 /EINPresswire.com/ — Laurie Smith Uncovers Four Simple Steps to Activating the Flow State Author of The Flow Habit ...