Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks.
« The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign, » Proofpoint said in a Thursday report.
The
