How do you know the account you thought was safe really belongs to you? For many users this year, the answer has grown alarmingly uncertain.
What the data shows
According to reporting by BleepingComputer, device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more than 37 times this year. The same reporting says new kits facilitating these attacks have spread online.
Background in brief
The attacks in question exploit the OAuth 2.0 Device Authorization Grant flow. BleepingComputer's coverage identifies those attacks specifically as "device code phishing" and links their rise to the availability of new attack kits circulating online.
Why this matters
- The scale of the increase — a rise of more than 37-fold in a single year — signals a rapidly changing threat environment, according to the reporting.
- The spread of ready-made kits online suggests the technique can be deployed beyond highly specialized operators, a point underscored by BleepingComputer's description of kits spreading online.
- If attacks successfully abuse an authentication flow to "hijack accounts," as the report states, then the practical consequences for users and organizations can be immediate and severe.
Perspectives to consider
Technologists will read the surge as an operational problem: an authentication protocol being repurposed by attackers, and the availability of kits lowering the bar for exploitation. Policymakers and defenders face a strategic question: whether existing mitigations and guidance are sufficient in the face of a swift, tool-driven expansion. Users confront a personal dilemma — how to trust and verify account access when attacks are increasing dramatically.
BleepingComputer's reporting draws attention to a single, stark fact: device code phishing has multiplied many times over this year and is being amplified by new toolkits circulating online. The simple question remains — when attackers can turn a protocol into a weapon at scale, who will make the next move to stop them?




