Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
… Doing so authorizes the attacker to register a rogue device with the victim’s Microsoft 365 account, giving them unrestricted access to the victim’s data and services, including email, calendar, and cloud file storage. …