Report: The Tycoon 2FA Phishing Kit Has Evolved

ID: f84c76f1-da3b-5068-abad-7d9fa0ee058a

STIX ID: report--f84c76f1-da3b-5068-abad-7d9fa0ee058a

Feed Name: KnowBe4 Blog

Threat Score: 70/100

Date Published: 2026-05-22

Date Updated: 2026-05-22

Author: KnowBe4 Team

Tycoon 2FA, a phishing-as-a-service platform, has resumed operations and is actively conducting OAuth device code phishing attacks. These attacks trick users into granting OAuth tokens via Microsoft's legitimate device-login flow, giving attackers access without exploiting technical vulnerabilities. The technique relies on social engineering to subvert MFA by changing what the MFA approval actually authorizes.
