{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreia3hsefoapcp2t7apa6zuq3f5ixhcgwli6azrlkgyllbqvkc4pi6e",
    "uri": "at://did:plc:iir655mcoipvnewhnkv6fb3u/app.bsky.feed.post/3mm2so4isj2m2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreig4cmwskxw7gbsde3inaci4puhaoio64zanu4i55tfoltr2ikep4a"
    },
    "mimeType": "image/jpeg",
    "size": 197517
  },
  "path": "/news/security/tycoon2fa-hijacks-microsoft-365-accounts-via-device-code-phishing/",
  "publishedAt": "2026-05-17T14:46:51.000Z",
  "site": "https://www.bleepingcomputer.com",
  "textContent": "\nThe Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack Microsoft 365 accounts.",
  "title": "Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing"
}