OAuth Device Code Flow Visual

News

What is device code phishing, and why are Russian spies so successful at it?

It exploits “device code flow,” a form of authentication formalized in the industry-wide OAuth standard. Authentication through device code flow is designed for logging printers, smart TVs ...

Bleeping Computer1mon

Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts

Russian threat actors have been abusing legitimate OAuth 2.0 authentication ... following diagram the attack flow targeting users by relying on a Visual Studio Code first-party application ...

Ars Technica3mon

Russia-aligned hackers are targeting Signal users with device-linking QR codes

Microsoft 365 accounts were recently revealed to be the target of "device code flow" OAuth phishing by Russia-related threat actors. Google notes that the latest versions of Signal include ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results

News

Trending now