ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA ...
The attack exploited previously exposed credentials and flaws in enterprises’ multi-factor authentication configurations.
An aggressive password-spraying campaign targeting Microsoft 365 environments generated more than 81 million login attempts over a two-week period.