Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts

Updated on August 1, 2025

Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks.
“The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,” Proofpoint said in a Thursday report.
The…

Read the rest of the story at Read More

Source: The Hacker News

October 22, 2024 Uncategorized

Gophish Framework Used in Phishing Campa...

December 17, 2024 Uncategorized

CISA and FBI Raise Alerts on Exploited F...

December 23, 2024 Uncategorized

Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts

Related posts

Gophish Framework Used in Phishing Campa...

CISA and FBI Raise Alerts on Exploited F...

Rockstar2FA Collapse Fuels Expansion of ...

Leave a Comment Cancel reply

Recent News

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft

Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft

FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage

Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts

🕵️ Webinar: Discover and Control Shadow AI Agents in Your Enterprise Before Hackers Do