Threat actors misuse OAuth applications to automate financially driven attacks

Author(s): Microsoft Threat Intelligence
Organization: Microsoft

Open article directly Open article on Archive.org

2025-07-31 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats
ApolloShadow

2025-07-22 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Disrupting active exploitation of on-premises SharePoint vulnerabilities
Storm-2603

2025-06-30 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations

Propose Change Threat actors misuse OAuth applications to automate financially driven attacks