Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts
Cybersecurity researchers have reported that threat actors are using fake Microsoft OAuth applications to impersonate legitimate enterprises, enabling them to harvest credentials and execute account takeover attacks. These fraudulent applications mimic well-known companies such as RingCentral, SharePoint, Adobe, and Docusign.
Microsoft
Read Full Original Article →