Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication

Russian threat actors are conducting sophisticated phishing campaigns targeting Microsoft 365 accounts through Device Code Authentication, with recent attacks focusing on political themes around the new US administration. Multiple actors, including suspected CozyLarch (APT29), are using social engineering and spear-phishing to impersonate government officials and research institutions, achieving higher success rates than traditional phishing methods.