Overview
Cybersecurity researchers are calling attention to an active device code phishing campaign that's targeting Microsoft 365 identities across more than 340 organizations in the U.S., Canada, Australia, New Zealand, and Germany. The activity, per Huntress, was first spotted on February 19, 2026, with subsequent cases appearing at an accelerated pace since then.
Organisations Involved
The following organisations are mentioned in relation to this incident: Abuse
Cybersecurity, Device Code Phishing Hits, Microsoft, New Zealand, Orgs Across Five Countries.
Multi-Source Coverage
This event has been reported across multiple outlets:
- Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse — thehackernews
Sources: thehackernews. Aggregated by Cybernews Agency pipeline.