Threats Tagged 'https'
View all threats tagged with 'https'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'https'
Click on any threat for detailed analysis and mitigation recommendations
Microsoft OAuth Device Code Phishing 0 A new phishing technique abusing Microsoft's OAuth Device Code flow is on the rise, with over 180 phishing URLs detected in a week. This method shifts from credential theft to token-based account takeover, making detection more challenging. Attackers initiate a device authorization process, tricking victims into approving it on legitimate Microsoft pages. The attack uses encrypted HTTPS traffic and legitimate authentication flows, bypassing traditional phishing indicators. Victims unknowingly grant attackers access to their Microsoft 365 accounts through OAuth tokens. This poses a critical risk as it allows immediate access to corporate data and resources, potentially leading to business email compromise and persistent access through refresh tokens. Join the discussion | AlienVault OTX General | 03/11/2026, 06:17:03 UTC Added: 03/11/2026, 10:28:55 UTC |
Showing 1 to 1 of 1 result