Threats Tagged 'token harvesting'
View all threats tagged with 'token harvesting'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'token harvesting'
Click on any threat for detailed analysis and mitigation recommendations
New widespread EvilTokens kit: device code phishing as-a-service 0 EvilTokens is a new Phishing-as-a-Service offering a turnkey Microsoft device code phishing kit. It enables attackers to harvest access and refresh tokens, granting unauthorized access to victims' Microsoft accounts. The kit supports post-compromise operations, allowing data exfiltration from various Microsoft services. EvilTokens has been rapidly adopted by cybercriminals since March 2026, impacting organizations globally. The service provides advanced capabilities for account takeover, including token conversion to Primary Refresh Tokens and browser cookies for persistent access. Phishing campaigns using EvilTokens target employees in finance, HR, logistics, and sales, primarily for Business Email Compromise attacks. MediumCampaign Join the discussion United States United Kingdom Canada+8#device code phishing#token harvesting#microsoft 365 | AlienVault OTX General | 03/31/2026, 16:14:29 UTC Added: 03/31/2026, 18:38:16 UTC |
Showing 1 to 1 of 1 result