A suspected Russia-aligned group has been attributed to a
phishing campaign that employs device code authentication workflows
to steal victims' Microsoft 365 credentials and conduct account
takeover attacks. The activity, ongoing since September 2025, is
being tracked by Proofpoint under the moniker UNK_AcademicFlare.
The attacks involve using compromised email addresses belonging to
government
Read more https://thehackernews.com/2025/12/russia-linked-hackers-use-microsoft-365.html
