logo

Defending the Authentication Flow: Device Code Phishing with Selena Larson

ID: 7894f2ab-5cc6-5516-820e-af855baf2ff9

STIX ID: report--7894f2ab-5cc6-5516-820e-af855baf2ff9

Feed Name: Proofpoint Blog

Threat Score
65/100

Date Published: 2026-06-30

Date Updated: 2026-07-03

...
...

This podcast episode describes how adversaries exploit Microsoft OAuth/device-code authentication workflows in device-code phishing campaigns, highlights the impact of leaked criminal kits (late 2025) that have commercialized these techniques, analyzes attacker behaviors including BEC, credential harvesting and account takeover jumping, and provides prescriptive defenses such as conditional access policies and strict device compliance to block unauthorized authentication.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.