Russian threat actors have been abusing legitimate OAuth 2.0 authentication ... in the following diagram the attack flow targeting users by relying on a Visual Studio Code first-party application ...