
A sophisticated phishing campaign termed “device code phishing” has been meticulously identified by Microsoft Threat Intelligence. This deceptive attack, initiated by the group known as Storm-2372, has been active since August 2024 and has consistently targeted various industries and governments around the globe. By exploiting device code authentication—a method typically reserved for devices unable to perform interactive web-based authentication—these attackers