EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that industrialises Microsoft account takeover by abusing the OAuth device code flow rather than traditional credential phishing. The service sells a turnkey Microsoft device code phishing kit that has been in active use since mid‑February 2026 and was quickly adopted by groups specialising in Adversary‑in‑the‑Middle phishing and Business […]

The post EvilTokens Launches New Phishing Service Targeting Microsoft Accounts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/eviltokens-launches-phishing/