Security Boulevard

Why QR Codes Are Education’s New Phishing Blind Spot

So, when an attacker sends a fake UCPath payroll notification with a QR code linking to a credential harvesting site, a SEG ...
Bleeping Computer

Microsoft: Hackers steal emails in device code phishing attacks

An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing. The targets are in the ...
Bleeping Computer

Microsoft 365 accounts targeted in wave of OAuth phishing attacks

Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code authorization mechanism. Attackers trick victims into entering a device code on ...
Forbes

New Warning As Microsoft 365 Attack Can Bypass Email Security

Beware this highly sophisticated Microsoft 365 attack. Update, March 15, 2025: This story, originally published March 13, has been updated with further technical detail regarding the Microsoft 365 ...