ABT Blog

Read about mortgage technology solutions topics

MFA Compliance

Microsoft 365 device code phishing attack pathway showing token replay from Railway PaaS infrastructure to a compromised financial institution tenant

25 min read

M365 Device Code Phishing: MFA Is Being Bypassed at Scale

Justin Kirsch: Wed, Apr 15, 2026

In This Article The attack that bypasses MFA without breaking it How EvilTokens weaponized a legitimate OAuth feature The escalation timeline: from 3...

Company

Our Story
Leadership
Blog
Contact

Platform

Security and Governance
Guardian Managed Security
Guardian MxDR
Security Assessment
Attack Simulation
Security Insights
Cloud and Data
Microsoft 365 and Azure
Business Intelligence
Virtual Desktops
Productivity Insights
Mortgage and Custom
MortgageExchange
DocumentGuardian
App Pilot
Point Central
Email Signatures

Resources

IT Sovereignty
AI Readiness Assessment
Release Notes

Connect

Talk to an Expert (888) 422-3400

Submit a Ticket
Sign In

Cloud Solution Provider
Tier 1 Direct Partner Authority

SOC 2 Type II Defender Zero Trust GLBA / FTC Safeguards 750+ Institutions Purview Governance Copilot Governance

ABT Blog

Read about mortgage technology solutions topics

MFA Compliance

M365 Device Code Phishing: MFA Is Being Bypassed at Scale

Company

Useful Links

Support