Russian Threat Actors Exploit OAuth 2.0 to Hijack Microsoft 365 Accounts

Russian threat actors have exploited legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees from organizations related to Ukraine and human rights. This technique allows attackers to bypass traditional security mechanisms by using malicious OAuth applications to access target accounts. The impacts include account compromise and unauthorized access to sensitive information.