The Hacker News

DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts

PhishingHighphishing

DEBULL tooling abuses Microsoft's legitimate device-code flow in a phishing campaign targeting M365 accounts using collaboration-themed lures, exploiting the device login process to compromise victim credentials without fake login pages.

AI summary · generated with Claude

https://thehackernews.com/2026/07/debull-tooling-abuses-microsoft-device.html