A Microsoft 365 device code phishing campaign has been observed leveraging collaboration-themed lures to take control of victim accounts between the last week of June 2026 and into early July, per findings from ZeroBEC.”The campaign did not depend on a fake Microsoft password page. It used a malicious collaboration-style lure to push users into the legitimate Microsoft device login experience,
First seen on thehackernews.com
Jump to article: thehackernews.com/2026/07/debull-tooling-abuses-microsoft-device.html
![]()

