Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft
- Posted on July 13, 2026
- By The Hacker News
- 0 Views
- 1 min read
Forg365 represents a sophisticated threat targeting Microsoft 365 environments through dual attack vectors. The campaign exploits device code authentication flows combined with adversary-in-the-middle phishing techniques to compromise user credentials. Once credentials are captured, attackers leverage stolen session tokens to establish persistent browser sessions and unauthorized mailbox access, enabling data exfiltration and account compromise at scale.
Summary auto-generated by AI from the original publisher's content. Editorial standards.