https://cybersecpro.me/tags/identity-security/Recent content in Identity Security on Juan Carlos MuneraHugo -- gohugo.ioen© 2026 Juan Carlos MuneraMon, 06 Apr 2026 00:00:00 +0000https://cybersecpro.me/posts/device-code-phishing-mfa-bypass/Mon, 06 Apr 2026 00:00:00 +0000https://cybersecpro.me/posts/device-code-phishing-mfa-bypass/Device code phishing has gone from a niche state-sponsored technique to a commoditized attack with at least 11 phishing kits and a 37x surge in 2026. The attack abuses the legitimate OAuth 2.0 Device Authorization Grant flow, routes victims through real Microsoft login pages, and bypasses MFA entirely. What practitioners need to understand.