{"id":208979,"date":"2025-03-18T04:12:25","date_gmt":"2025-03-18T09:12:25","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/03\/malicious-adobe-docusign-oauth-apps-target-microsoft-365-accounts"},"modified":"2025-03-18T04:12:25","modified_gmt":"2025-03-18T09:12:25","slug":"malicious-adobe-docusign-oauth-apps-target-microsoft-365-accounts","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/03\/malicious-adobe-docusign-oauth-apps-target-microsoft-365-accounts","title":{"rendered":"Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/malicious-adobe-docusign-oauth-apps-target-microsoft-365-accounts.jpg\"><\/a><\/p>\n<p>Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials.<\/p>\n<p>The campaigns were discovered by Proofpoint researchers, who characterized them as \u201chighly targeted\u201d in a <a href=\"https:\/\/twitter.com\/threatinsight\/status\/1899869276053635553\" target=\"_blank\" rel=\"nofollow noopener\">thread on X<\/a>.<\/p>\n<p>The malicious OAuth apps in this campaign are impersonating Adobe Drive, Adobe Drive X, Adobe Acrobat, and DocuSign.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials. The campaigns were discovered by Proofpoint researchers, who characterized them as \u201chighly targeted\u201d in a thread on X. The malicious OAuth apps in this campaign are impersonating Adobe Drive, Adobe Drive X, [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-208979","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/208979","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=208979"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/208979\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=208979"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=208979"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=208979"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}