
OAuth Consent Phishing: The Structural Collapse of MFA as Enterprise Perimeter Defense
EvilTokens OAuth phishing bypasses MFA via legitimate consent grants, highlighting systemic blind spots in enterprise identity controls and the need for grant-level monitoring.
The February 2026 launch of EvilTokens marks a decisive shift in adversary tradecraft, moving exploitation from credential replay to legitimate token acquisition at the consent layer [1]. Earlier AiTM kits proxied the victim's session and still produced a sign-in from attacker infrastructure that risk engines could flag. EvilTokens instead weaponizes the OAuth grant flow itself: the victim completes MFA at microsoft.com/devicelogin, then authorizes the attacker's application for delegated scopes covering mailbox, OneDrive, calendar and contacts, and because the request includes offline_access the attacker receives a refresh token rather than a single access token. That token's lifetime is set by tenant token policy, not by the browser session, and the consent grant it rests on (a service principal and an oauth2PermissionGrant inside the victim tenant) survives a password reset; only explicit revocation of the grant and of the user's sign-in sessions, or deletion of the service principal, ends the access. SIEM correlation keyed on sign-in anomalies sees little, because the only interactive authentication is the real user, on their own device, satisfying MFA. The attacker's later token use appears only in non-interactive sign-in logs and in the consent and service-principal audit events that few detection rules consume.

Microsoft's own threat intelligence has documented similar patterns since 2023 [2], yet enterprise conditional access policies remain overwhelmingly focused on sign-in risk rather than on auditing what was granted after sign-in. The normalization of consent screens, driven by AI agents, productivity extensions and SaaS integrations, has eroded users' ability to discriminate between legitimate and hostile prompts, and it produces toxic scope combinations across finance, CRM and shared-drive applications that no single application owner ever reviews as a whole.

This gap sits below the identity perimeter most organizations still treat as sufficient. In hybrid work environments, persistent mailbox access enables downstream espionage or ransomware staging without triggering behavioral analytics. Broader patterns in critical infrastructure, including recent CISA alerts on OAuth abuse in government tenants [3], indicate the same vector could migrate to supply-chain partners once refresh-token revocation workflows lag behind attacker speed.
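The grant-level monitoring this brief argues for, as an added example (not code from the article, from EvilTokens, or from Microsoft): a Python audit over records shaped like Microsoft Graph's oauth2PermissionGrants and servicePrincipals responses. It scores each delegated consent for the combination that matters here (offline_access together with mailbox, file, calendar or contact scopes, on an app registered outside the tenant with no verified publisher) and emits the Graph calls that actually end the access for a hit. The sample records, GUIDs, scope list and severity threshold are constructed assumptions; the Graph field names and endpoints are real.

```python
"""Grant-level audit of delegated OAuth consents in a Microsoft Entra ID tenant.

Added example. Runs offline on constructed records shaped like two Graph responses:
  GET /v1.0/oauth2PermissionGrants -> id, clientId, consentType, principalId, resourceId, scope
  GET /v1.0/servicePrincipals      -> id, appId, displayName, appOwnerOrganizationId, verifiedPublisher
All GUIDs, names, the scope list and the threshold are assumptions to tune per tenant.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

HOME_TENANT_ID = "11111111-1111-1111-1111-111111111111"            # constructed
MICROSOFT_SERVICES_TENANT = "f8cdef31-a31e-4b4a-93e4-5f571e91255a"  # owner tenant of first-party apps
TRUSTED_OWNERS = {HOME_TENANT_ID, MICROSOFT_SERVICES_TENANT}

# Delegated scopes that reach mailbox, drive, calendar or contacts (assumption).
DATA_SCOPES = {
    "Mail.Read", "Mail.ReadWrite", "Mail.Send", "MailboxSettings.ReadWrite",
    "Files.Read.All", "Files.ReadWrite.All", "Contacts.Read", "Calendars.Read",
    "Sites.Read.All", "User.Read.All",
}
PERSISTENCE_SCOPE = "offline_access"  # the scope that turns a one-off consent into a refresh token
SEVERITY_THRESHOLD = 2                # independent red flags needed before a grant is reported


@dataclass
class Finding:
    grant_id: str
    client_id: str
    app_name: str
    principal_id: Optional[str]
    reasons: List[str] = field(default_factory=list)

    @property
    def severity(self) -> int:
        return len(self.reasons)


def parse_scopes(scope_field: str) -> set:
    """Graph returns delegated scopes as one space-separated string."""
    return set(scope_field.split())


def audit_grants(grants, service_principals) -> List[Finding]:
    """Score every grant that reaches user data; return those at or above the threshold."""
    sps = {sp["id"]: sp for sp in service_principals}
    findings = []
    for g in grants:
        sp = sps.get(g["clientId"], {})
        scopes = parse_scopes(g.get("scope", ""))
        data = sorted(scopes & DATA_SCOPES)
        if not data:                       # openid/profile/User.Read only: not a data grant
            continue
        reasons = []
        if PERSISTENCE_SCOPE in scopes:
            reasons.append(f"offline_access with {data}: refresh token, no further user interaction")
        if sp.get("appOwnerOrganizationId") not in TRUSTED_OWNERS:
            reasons.append("multi-tenant app registered outside this tenant")
        if not (sp.get("verifiedPublisher") or {}).get("verifiedPublisherId"):
            reasons.append("no verified publisher")
        if g.get("consentType") == "AllPrincipals":
            reasons.append("tenant-wide admin consent")
        if len(reasons) >= SEVERITY_THRESHOLD:
            findings.append(Finding(g["id"], g["clientId"], sp.get("displayName", g["clientId"]),
                                    g.get("principalId"), reasons))
    return sorted(findings, key=lambda f: -f.severity)


def revocation_plan(finding: Finding) -> List[Tuple[str, str]]:
    """Graph calls that end the access: delete the grant (removes the consent), revoke the
    user's sign-in sessions (invalidates refresh tokens already issued), delete the
    service principal (removes the app for every user who consented)."""
    plan = [("DELETE", f"/v1.0/oauth2PermissionGrants/{finding.grant_id}")]
    if finding.principal_id:               # None for AllPrincipals grants
        plan.append(("POST", f"/v1.0/users/{finding.principal_id}/revokeSignInSessions"))
    plan.append(("DELETE", f"/v1.0/servicePrincipals/{finding.client_id}"))
    return plan


# Constructed sample data (not real tenant records).
SERVICE_PRINCIPALS = [
    {"id": "sp-office", "appId": "00000000-0000-0000-0000-0000000000aa", "displayName": "Microsoft Office",
     "appOwnerOrganizationId": MICROSOFT_SERVICES_TENANT,
     "verifiedPublisher": {"verifiedPublisherId": "00000000-publisher"}},
    {"id": "sp-viewer", "appId": "00000000-0000-0000-0000-0000000000bb", "displayName": "Document Viewer Pro",
     "appOwnerOrganizationId": "22222222-2222-2222-2222-222222222222", "verifiedPublisher": None},
    {"id": "sp-lob", "appId": "00000000-0000-0000-0000-0000000000cc", "displayName": "Expense Portal",
     "appOwnerOrganizationId": HOME_TENANT_ID, "verifiedPublisher": None},
]
GRANTS = [
    {"id": "g1", "clientId": "sp-office", "consentType": "Principal", "principalId": "user-alice",
     "resourceId": "sp-graph", "scope": "Mail.Read Files.Read.All offline_access"},
    {"id": "g2", "clientId": "sp-viewer", "consentType": "Principal", "principalId": "user-alice",
     "resourceId": "sp-graph",
     "scope": "Mail.ReadWrite Files.ReadWrite.All Contacts.Read Calendars.Read offline_access openid profile"},
    {"id": "g3", "clientId": "sp-lob", "consentType": "AllPrincipals", "principalId": None,
     "resourceId": "sp-graph", "scope": "User.Read openid profile"},
]

if __name__ == "__main__":
    for f in audit_grants(GRANTS, SERVICE_PRINCIPALS):
        print(f"[sev {f.severity}] {f.app_name} grant {f.grant_id} for {f.principal_id}")
        for r in f.reasons:
            print("   -", r)
        for method, path in revocation_plan(f):
            print("   ", method, path)
```

Against the sample data only "Document Viewer Pro" is reported: the first-party Office grant also carries offline_access over mail and files, but its owner tenant and verified publisher keep it under the threshold, which is the point of scoring on origin as well as scope. In a live tenant the two lists come from paging the Graph endpoints named in the docstring, and the audit should be run on a schedule and on every "Consent to application" audit event, since a single missed grant is the persistence the brief describes.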
SENTINEL: Consent-layer attacks will force a redefinition of identity perimeters, with organizations that fail to implement continuous grant auditing facing sustained persistence in cloud environments within 18 months.
Sources (3)
- [1] Primary Source (https://thehackernews.com/2026/05/the-new-phishing-click-how-oauth.html)
- [2] Microsoft Digital Defense Report 2025 (https://www.microsoft.com/en-us/security/security-insider/digital-defense-report)
- [3] CISA OAuth Threat Advisory AA24-XXXA (https://www.cisa.gov/news-events/cybersecurity-advisories)