DEBULL Tooling Exploits Microsoft Device-Code Flow to Compromise M365 Accounts
A new phishing campaign leverages Microsoft's legitimate device-code authentication flow to bypass traditional detection methods. The attack uses collaboration-themed lures to trick users into granting access to their Microsoft 365 accounts.
Read more