CSOonline

Cybercrooks faked Microsoft OAuth apps for MFA phishing

Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to get into Microsoft 365 accounts. Threat actors have cooked up a clever way ...
Computer Weekly

Threat actors abused lack of MFA, OAuth in spam campaign

The Microsoft 365 Defender Research Team has warned users to be on their guard against a growing number of cyber attacks that abuse OAuth applications as part of the attack chain, after investigating ...
ZDNet

Why MFA matters: These attackers cracked admin accounts then used Exchange to send spam

Microsoft has exposed a crafty case of OAuth app abuse that allowed the attackers to reconfigure the victim's Exchange server to send spam. The point of the elaborate attack was to make mass spam – ...
Dark Reading

Cyberattackers Compromise Microsoft Exchange Servers via Malicious OAuth Apps

Attackers are deploying malicious OAuth applications on compromised cloud tenants, with the goal of taking over Microsoft Exchange Servers to spread spam. That's according to the Microsoft 365 ...
Hosted on MSN

Experts warn Microsoft Copilot Studio agents are being hijacked to steal OAuth tokens

CoPhish uses Copilot Studio agents to phish OAuth tokens via fake login flows Attackers exploit Microsoft domains to appear legitimate and access sensitive user data Mitigations include restricting ...