{"id":17060,"date":"2025-08-01T13:02:00","date_gmt":"2025-08-01T13:02:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/"},"modified":"2025-08-01T13:02:00","modified_gmt":"2025-08-01T13:02:00","slug":"attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/","title":{"rendered":"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks.<br \/>\n&#8220;The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,&#8221; Proofpoint said in a Thursday report.<br \/>\nThe<a href=\"https:\/\/thehackernews.com\/2025\/08\/attackers-use-fake-oauth-apps-with.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. &#8220;The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,&#8221; Proofpoint said in a Thursday report. TheRead More\u00a0<\/p>\n","protected":false},"author":1,"featured_media":17061,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-17060","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. &quot;The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,&quot; Proofpoint said in a Thursday report. TheRead More\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"admin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. &quot;The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,&quot; Proofpoint said in a Thursday report. TheRead More\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2025-08-01T13:02:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2025-08-01T13:02:00+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. &quot;The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,&quot; Proofpoint said in a Thursday report. TheRead More\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/01\\\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\\\/#blogposting\",\"name\":\"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"headline\":\"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/ms365-T7gZ18.jpg\",\"width\":728,\"height\":380},\"datePublished\":\"2025-08-01T13:02:00+00:00\",\"dateModified\":\"2025-08-01T13:02:00+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/01\\\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/01\\\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/01\\\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/01\\\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\\\/#listItem\",\"name\":\"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/01\\\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\\\/#listItem\",\"position\":3,\"name\":\"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/01\\\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"admin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/01\\\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/01\\\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\\\/\",\"name\":\"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"description\":\"Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. \\\"The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,\\\" Proofpoint said in a Thursday report. TheRead More\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/01\\\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/ms365-T7gZ18.jpg\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/01\\\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\\\/#mainImage\",\"width\":728,\"height\":380},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/01\\\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\\\/#mainImage\"},\"datePublished\":\"2025-08-01T13:02:00+00:00\",\"dateModified\":\"2025-08-01T13:02:00+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. \"The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,\" Proofpoint said in a Thursday report. TheRead More","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/#blogposting","name":"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","headline":"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/08\/ms365-T7gZ18.jpg","width":728,"height":380},"datePublished":"2025-08-01T13:02:00+00:00","dateModified":"2025-08-01T13:02:00+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/#listItem","name":"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/#listItem","position":3,"name":"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"Person","@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author","url":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/","name":"admin","image":{"@type":"ImageObject","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g","width":96,"height":96,"caption":"admin"}},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/","name":"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. \"The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,\" Proofpoint said in a Thursday report. TheRead More","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/08\/ms365-T7gZ18.jpg","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/#mainImage","width":728,"height":380},"primaryImageOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/#mainImage"},"datePublished":"2025-08-01T13:02:00+00:00","dateModified":"2025-08-01T13:02:00+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","og:description":"Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. &quot;The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,&quot; Proofpoint said in a Thursday report. TheRead More","og:url":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/","article:published_time":"2025-08-01T13:02:00+00:00","article:modified_time":"2025-08-01T13:02:00+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","twitter:description":"Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. &quot;The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,&quot; Proofpoint said in a Thursday report. TheRead More"},"aioseo_meta_data":{"post_id":"17060","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2025-08-01 15:34:37","updated":"2025-10-15 16:05:14","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tAttackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts info@thehackernews.com (The Hacker News)","link":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/01\/attackers-use-fake-oauth-apps-with-tycoon-kit-to-breach-microsoft-365-accounts-infothehackernews-com-the-hacker-news\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17060","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=17060"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17060\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/17061"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=17060"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=17060"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=17060"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}