EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that industrialises Microsoft account takeover by abusing the OAuth device code flow rather than traditional credential phishing. The service sells a turnkey Microsoft device code phishing kit that has been in active use since mid‑February 2026 and was quickly adopted by groups specialising in Adversary‑in‑the‑Middle phishing and Business […]
The post EvilTokens Launches New Phishing Service Targeting Microsoft Accounts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: