When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website
Kaspersky Securelist·2h·Reputable
The OAuth 2.0 Device Authorization Grant specification was designed to streamline authentication for Smart TVs, IoT devices, and printers. Today, threat actors are weaponizing it.
Categories cybersecurity · government-security · unknown-it-category-15
Original source / advisory ↗Published
7/6/2026, 9:00:43 AM
Fetched
7/6/2026, 9:19:32 AM
Trust
reputable · 80/100
Language
en