THREATOPS
THREAT OPSThreat News › When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website

When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website

medsecurelistPublished 2026-07-06

<p><img alt="" class="attachment-securelist-huge-promo size-securelist-huge-promo wp-post-image" height="400" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2026/07/03170147/Device-Code-Phishing-pingpongsuperman_A_fisherman_hacker_is_fishing_using_a_large_TV_261a6841-d900-4140-bffd-0f2f596e9977-990x400.jpg" width="990" /></p><p>One of the most common pieces of anti-phishing

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://securelist.com/microsoft-device-code-phishing-attack/120350/