A new phishing attack called Tycoon2FA is targeting Microsoft 365 accounts by tricking users into approving device-code authentication requests, often delivered through compromised email tracking links from legitimate services like Trustifi. If attackers
Read the full article: https://www.bleepingcomputer.com/news/security/tycoon2fa-hijacks-microsoft-365-accounts-via-device-code-phishing/