The New Phishing Click: How OAuth Consent Bypasses MFA

thehackernews.com · May 19, 2026

In February 2026, the EvilTokens phishing-as-a-service platform compromised over 340 Microsoft 365 organizations in five weeks by tricking users into entering a code on a fake site, which led them to believe they had completed their multi-factor authentication.

The launch of the EvilTokens phishing-as-a-service platform underscores the need for organizations to strengthen security awareness training and to adopt MFA that goes beyond typical challenges, using phishing-resistant methods such as FIDO2 keys. The incident shows why authentication strategies must keep evolving to counter increasingly sophisticated social engineering attacks.
