Experts warn Microsoft Copilot Studio agents are being hijacked to steal OAuth tokens

Security researchers from Datadog Security Labs are warning about a new phishing technique weaponizing Microsoft Copilot Studio agents to steal OAuth tokens and grants attackers access to sensitive ...

OAuth Device Code Phishing: Azure vs. Google Compared

Azure can yield very powerful tokens while Google limits scopes, reducing the blast radius. Register for Huntress Labs' Live Hack to see live Microsoft 365 attack demos, explore defensive tactics, and ...
Virtualization Review

The Threat Lurking in Your Entra Directory

Paul Schnackenburg warns that poorly governed OAuth app registrations in Microsoft Entra ID pose a serious security risk, as shown by recent Salesloft/Drift and Commvault breaches, and outlines how to ...

Hackers are exploiting OAuth loophole for persistent access - and resetting your password won't save you

Cybercriminals have increasingly used cloud account takeover (ATO) tactics in recent years - as it allows them to hijack accounts, exfiltrate information, and use this as a foothold for other attacks.
VentureBeat

Hackers use stolen OAuth access tokens to breach dozens of organization’s internal systems

Join the event trusted by enterprise leaders for nearly two decades. VB Transform brings together the people building real enterprise AI strategy. Learn more Last week, GitHub Security researchers ...
Dark Reading

OAuth Attacks Target Microsoft 365, GitHub

A trio of ongoing campaigns have highlighted once again the continued popularity among cybercriminals of malicious OAuth apps as a go-to attack method. In one wave of recent attacks, threat actors ...
CSOonline

Cybercrooks faked Microsoft OAuth apps for MFA phishing

Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to get into Microsoft 365 accounts. Threat actors have cooked up a clever way ...