Security Feed
  1. Archives

Apr 24 2025 Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts

Source

Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. [...]

Posted by Bill Toulas on Thu 24 April 2025 in BleepingComputer.

Tags: Security.

Categories

  1. Ars Technica
  2. AWS Security
  3. BleepingComputer
  4. Brian Krebs
  5. Bruce Schneier
  6. GCP Security
  7. Google Project Zero
  8. The Daily Swig
  9. The Guardian
  10. The Register
  11. Threatpost

Tag cloud

  • Security
  • Uncategorized
  • Security, Identity, & Compliance
  • Biz & IT
  • Security Blog
  • Microsoft
  • Security & Identity
  • Google
  • AI
  • cryptocurrency
  • Announcements
  • Foundational (100)
  • A Little Sunshine
  • Legal
  • Apple
  • Artificial Intelligence
  • privacy
  • Mobile
  • squid
  • Advanced (300)
  • Intermediate (200)
  • The Coming Storm
  • hacking
  • Technical How-to
  • Best Practices

Security Feed. Powered by Pelican and m.css. Code is available on GitLab.