{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreicokfcom7dobk2wamah5dawfjpdkoqpzeth6miwwcw2yarkfjejfq",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mm7ft6mtxnf2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreiap2ezbuvg7fqig4o5crdp2zs4l32ucsd7pa6jiypeckcrgsaev4i"
    },
    "mimeType": "image/webp",
    "size": 21182
  },
  "path": "/tycoon-2fa-adds-oauth-device-code-phishing-to-hijack-microsoft-365-accounts/",
  "publishedAt": "2026-05-18T19:08:05.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Tycoon 2FA Adds OAuth Device Code Phishing to Hijack Microsoft 365 Accounts",
    "VPN Central"
  ],
  "textContent": "Tycoon 2FA operators have adopted OAuth device code phishing to compromise Microsoft 365 accounts without using the kit’s older credential-relay flow. In the campaign analyzed by eSentire’s Threat Response Unit in late April 2026, victims were pushed through a phishing chain that ended on Microsoft’s real device login page. The victim entered a code, completed […]\n\nThe post Tycoon 2FA Adds OAuth Device Code Phishing to Hijack Microsoft 365 Accounts appeared first on VPN Central.",
  "title": "Tycoon 2FA Adds OAuth Device Code Phishing to Hijack Microsoft 365 Accounts"
}