SECURITYTHE REGISTER
Hundreds of orgs compromised daily in Microsoft device code phishing attacks
A Microsoft device-code phishing campaign uses AI and automation to compromise hundreds of organizations daily, enabling attackers to access corporate emails and steal financial data. The attack leverages 'EvilTokens' to bypass multi-factor authentication, highlighting vulnerabilities in cybersecurity practices.