Safety

Hundreds of orgs compromised daily in Microsoft device code phishing attacks

EvilTokens phishing campaign exploiting Microsoft device-code flows and AI-driven automation is compromising hundreds of organizations daily, bypassing MFA to access Microsoft 365 and target financial personnel.

Tuesday, April 7, 2026 12:00 PM UTC2 MIN READSOURCE: The RegisterBY sys://pipeline

Microsoft reports a sophisticated phishing campaign using AI and automation compromising hundreds of organizations daily since March 15, 2026. The attacks exploit device-code authentication flows to bypass MFA and access Microsoft 365, with post-compromise activity targeting financial personnel and automating email exfiltration. The campaign leverages EvilTokens, a phishing-as-a-service toolkit operational since February 2026.

Read original at The Register

Hack-for-hire group caught targeting Android devices and iCloud backups

State-backed hack-for-hire group BITTER targets journalists, activists, and officials across MENA with iCloud phishing and Android spyware—exposing how governments outsource cyberattacks to private vendors to evade accountability.