What Happened
A Microsoft 365 device code phishing campaign has been observed leveraging collaboration-themed lures to take control of victim accounts between the last week of June 2026 and into early July, per findings from ZeroBEC. "The campaign did not depend on a fake Microsoft password page. It used a malicious collaboration-style lure to push users into the legitimate Microsoft device login experience,
Why It Matters
The article describes a Microsoft 365 device code phishing campaign using custom DEBULL tooling and collaboration-themed lures to trick users into completing the legitimate Microsoft device code login flow, allowing attackers to take over M365 accounts without a fake password page.[1][8] According to ZeroBEC, victims are redirected to a compromised website that orchestrates the device code challenge chain, abusing OAuth 2.0 device code flow to obtain tokens and access emails, files, chats, and other SaaS data.[1][2][4] From a RealGround perspective, this is a SaaS identity and access risk that directly affects AI-enabled M365 workloads (Copilot, automation agents, chatbots) by giving attackers valid tokens they can use to operate as the user inside those services. Organizations should apply conditional access policies to block or tightly scope device code flow, monitor OAuth grants and anomalous activity, and use continuous red teaming to test AI and SaaS integrations against this class of token-stealing phishing attacks.[2][3][4][5][9]
RealGround Analysis
This signal maps to SaaS AI risk. Organizations using AI agents, LLM APIs, SaaS integrations, or sensitive data workflows should review whether this class of issue could create unauthorized tool execution, data leakage, weak approval gates, or unmanaged supply-chain exposure.
Recommended Actions
- Restrict AI agent tool permissions and production write paths.
- Review sensitive data access across prompts, logs, embeddings, memory, and SaaS integrations.
- Add human approval workflows for high-impact or state-changing actions.
- Run prompt injection and indirect prompt injection tests against affected workflows.
- Document the owner, control gap, and remediation deadline for this risk class.
Source
https://thehackernews.com/2026/07/debull-tooling-abuses-microsoft-device.html
