GraphSpy
-
Researchers link Microsoft device code phishing campaign to reusable DEBULL tooling
Researchers say a June and July Microsoft 365 device code phishing campaign used collaboration-themed lures, a compromised website and reusable DEBULL tooling to hijack accounts through Microsoft’s legitimate sign-in flow.

