Neowin

Microsoft changes hit Teams Android devices: Disable Entra ID policy to restore sign-in

Microsoft has enabled a new policy in Entra ID that has caused many Teams-certified Android devices to be logged out, here's how to log them in again. As part of its Secure Future Initiative, ...
CSOonline

EvilTokens abuses Microsoft device code flow for account takeovers

A new phishing-as-a-service (PhaaS) campaign is abusing Microsoft’s device code authentication flow to gain unauthorized access to user accounts. Sekoia researchers first spotted the toolkit ...
Tech Digest

Microsoft 365 users targeted in sophisticated ‘vishing’ attack

Image: Bleeping Computer. https://www.bleepingcomputer.com/news/security/hackers-target-microsoft-entra-accounts-in-device-code-vishing-attacks/ Hackers have launched ...