Security News Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts BleepingComputer Daniel Bender 24 Apr 2025 Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights.