Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials.

Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights.

Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to get into Microsoft 365 accounts.

Hackers are spoofing popular cloud and productivity apps to steal people’s Microsoft 365 login credentials and deliver malware, experts have warned.

A new wave of targeted phishing attacks exploiting Microsoft 365’s OAuth workflows has been uncovered by cybersecurity experts. These campaigns, observed by Volexity since March 2025, involve ...

What is device code phishing, and why are Russian spies so successful at it? Overlooked attack method has been used since last August in a rash of account takeovers.

Microsoft 365 Defender can be used to alert users to potential business email compromises and phishing attacks that can lead to OAuth-related attacks. When a user in your organization gets an ...

A critical vulnerability in Microsoft’s Entra ID still exposes a wide range of enterprise applications two years after it was discovered. Semperis, an identity security provider, shared new findings ...