A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.