Tycoon2FA has returned with new device-code phishing attacks targeting Microsoft 365 users through legitimate OAuth login flows.
Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results