{"id":3531,"date":"2025-04-25T10:04:25","date_gmt":"2025-04-25T10:04:25","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/04\/25\/hackers-abuse-oauth-20-workflows-to-hijack-microsoft-365-accounts\/"},"modified":"2025-04-25T10:04:25","modified_gmt":"2025-04-25T10:04:25","slug":"hackers-abuse-oauth-20-workflows-to-hijack-microsoft-365-accounts","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/04\/25\/hackers-abuse-oauth-20-workflows-to-hijack-microsoft-365-accounts\/","title":{"rendered":"Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts"},"content":{"rendered":"<p>    Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack\u00a0Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. [&#8230;]<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Bill Toulas<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hackers-abuse-oauth-20-workflows-to-hijack-microsoft-365-accounts\/\">Go to bleepingcomputer<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack\u00a0Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. [&#8230;] Bill Toulas Go to bleepingcomputer<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[64,133],"tags":[80],"class_list":["post-3531","post","type-post","status-publish","format-standard","hentry","category-bleepingcomputer","category-security","tag-bleepingcomputer"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/3531"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=3531"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/3531\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=3531"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=3531"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=3531"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}