EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that industrialises Microsoft account takeover by abusing the OAuth device code flow rather than traditional credential phishing. The service sells a turnkey Microsoft device code phishing kit that has been in active use since mid”‘February 2026 and was quickly adopted by groups specialising in Adversary”‘in”‘the”‘Middle phishing and Business […] The post EvilTokens Launches New Phishing Service Targeting Microsoft Accounts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/eviltokens-launches-phishing/
