North Korean hackers using malicious QR codes in spear phishing, FBI warns

Kimsuky's latest attacks can bypass email protections and MFA to steal M365 and VPN accounts.
CSOonline

Microsoft secretly stopped actors from snooping on your MFA codes

The issue could allow threat actors to brute force MFA authentication codes for Outlook, Teams, and Azure access with 50% accuracy. Microsoft may have silently fixed a problem with its MFA ...
CPO Magazine

FBI Alert: North Korean Hackers Using Malicious QR Codes in Phishing Attacks

The FBI has warned about North Korean hackers Kimsuky leveraging QR codes in phishing attacks targeting U.S. and foreign government entities, academia, think tanks, and others.