Vendor
Threat actors are increasingly using device code phishing, often via Phishing-as-a-Service platforms, to compromise user accounts by abusing the OAuth 2.0 device authorization grant flow and capturing authentication tokens, enabling account takeover, data theft, and business email compromise.