ByteBrief
We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.
(We tried widescreen once. It wasn't us.)

A campaign using a reusable tooling layer called DEBULL abuses Microsoft's legitimate device-code authentication flow to hijack M365 accounts. The phishing technique bypasses MFA by tricking victims into entering an attacker-provided code on microsoft.com/devicelogin. DEBULL is assessed as a phishing-as-a-service platform using GraphSpy-derived workflows for post-exploitation.
Tap to vote and see what everyone thinks.
Summary by ByteBrief