DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts

A Microsoft 365 device code phishing campaign has been observed leveraging collaboration-themed lures to take control of victim accounts between the last week of June 2026 and into early July, per findings from ZeroBEC.

“The campaign did not depend on a fake Microsoft password page. It used a malicious collaboration-style lure to push users into the legitimate Microsoft device login experience,

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories It’s dumb out there again. This week has the usual smell of prod on fire

TIL: You can make HTTP requests without curl using Bash /dev/TCP

TIL: You can make HTTP requests without curl using Bash /dev/TCP Source: Hacker News

AI Can’t Be Listed as Inventor on Patent Applications, Japan’s Top Court Rules

AI Can’t Be Listed as Inventor on Patent Applications, Japan’s Top Court Rules Source: Hacker News