Skip to content
The Nexus
SECURITYMay 22 · 12:27 UTCTHE REGISTER

FBI warns Kali365 phishing kit is stealing Microsoft OAuth tokens at scale

The FBI has warned about Kali365, a phishing-as-a-service platform that steals Microsoft OAuth tokens at scale, allowing attackers to bypass multi-factor authentication and gain unauthorized access to corporate accounts. The kit uses AI-generated phishing lures impersonating trusted services like DocuSign and SharePoint, and employs both device code phishing and adversary-in-the-middle techniques. Kali365 operates on a tiered subscription model and was first spotted in April 2026.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this