Numerous suspected threat entities associated with Russia are “intensely” focusing on individuals and institutions connected to Ukraine and human rights in an effort to obtain unauthorized entry to Microsoft 365 accounts since the beginning of March 2025.
According to Volexity, these highly directed social engineering campaigns represent a change from earlier recorded assaults that utilized a method referred to as device code.