SECURITYCYBERSCOOP
FBI warns about fast-growing phishing kit targeting Microsoft 365 users
The FBI warns about Kali365, a phishing-as-a-service platform targeting Microsoft 365 users by bypassing multi-factor authentication through OAuth device code phishing. The tool enables cybercriminals to steal access tokens, leading to data theft, ransomware, and other attacks. Researchers note its rapid growth, AI-driven tactics, and low barriers for less-technical attackers.
Mentioned
Related Signal
Adjacent reporting
- FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks
- FBI warns Kali365 phishing kit is stealing Microsoft OAuth tokens at scale
- Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
- The New Phishing Click: How OAuth Consent Bypasses MFA
- Hundreds of orgs compromised daily in Microsoft device code phishing attacks
- New FBI warning reveals phishing attacks hitting private chats