{"id":13652,"date":"2026-06-16T11:03:39","date_gmt":"2026-06-16T11:03:39","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/06\/16\/microsoft-oauth-device-code-abused\/"},"modified":"2026-06-16T11:03:39","modified_gmt":"2026-06-16T11:03:39","slug":"microsoft-oauth-device-code-abused","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/06\/16\/microsoft-oauth-device-code-abused\/","title":{"rendered":"Hackers Abuse Microsoft OAuth Device Code Flow to Take Over Microsoft 365 Accounts"},"content":{"rendered":"<p>    Hackers Abuse Microsoft OAuth Device Code Flow to Take Over Microsoft 365 Accounts<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>An active campaign in which attackers are abusing Microsoft\u2019s OAuth 2.0 Device Authorization Grant (device code) flow to take over Microsoft 365 accounts. <\/p>\n<p>Rather&#8230;<br \/>\nDelivered by PolitePaul service<\/p><\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><\/p>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/gbhackers.com\/microsoft-oauth-device-code-abused\/\">Go to gbhackers.com<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hackers Abuse Microsoft OAuth Device Code Flow to Take Over Microsoft 365 Accounts An active campaign in which attackers are abusing Microsoft\u2019s OAuth 2.0 Device Authorization Grant (device code) flow to take over Microsoft 365 accounts. Rather&#8230; Delivered by PolitePaul service Go to gbhackers.com<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[65],"tags":[81],"class_list":["post-13652","post","type-post","status-publish","format-standard","hentry","category-gbhackers","tag-gbhackers"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/13652"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=13652"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/13652\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=13652"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=13652"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=13652"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}