From Cyber Security News – Multiple Russian Actors Attacking Orgs To Hack Microsoft 365 Accounts via Device Code Authentication
.webp)
Security researchers at Volexity have uncovered multiple Russian threat actors conducting sophisticated social engineering and spear-phishing campaigns targeting Microsoft 365 accounts through Device Code Authentication exploitation. The attacks, observed since mid-January 2025, involve three distinct groups: “CozyLarch (APT29),” “UTA0304,” and…