Skip to content
The Nexus
DossierENTITY

Kali365

Coverage of Kali365 in the Nexus archive.

Earliest in view: May 22 · 12:27 UTCMost recent: Jun 28 · 13:53 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 28 · 13:53 UTCFOX NEWS
    FBI warns Microsoft users about passwordless scam

    The FBI warns about a phishing-as-a-service platform called Kali365 targeting Microsoft 365 accounts. The scam bypasses multifactor authentication by exploiting Microsoft's device code login process to steal OAuth tokens, granting attackers access to Outlook, Teams, and OneDrive without requiring passwords.

  • SECURITYJun 2 · 21:32 UTCDARK READING
    FBI-Flagged Phishing Kit Kali365 Expands Its Reach

    The FBI-flagged phishing kit Kali365, previously targeting Microsoft 365, now expands to AWS, Okta, and Russian platforms using device code phishing. This marks an increase in the platform's scope and threat level.

  • SECURITYMay 25 · 12:45 UTCBLEEPING COMPUTER
    FBI warns of Kali365 phishing service targeting Microsoft 365 accounts

    The FBI has issued a warning about the Kali365 phishing-as-a-service platform, which exploits OAuth device code authentication to hijack Microsoft 365 accounts. The service steals session tokens and bypasses multi-factor authentication (MFA), posing a significant cybersecurity threat.

  • SECURITYMay 22 · 20:41 UTCCYBERSCOOP
    FBI warns about fast-growing phishing kit targeting Microsoft 365 users

    The FBI warns about Kali365, a phishing-as-a-service platform targeting Microsoft 365 users by bypassing multi-factor authentication through OAuth device code phishing. The tool enables cybercriminals to steal access tokens, leading to data theft, ransomware, and other attacks. Researchers note its rapid growth, AI-driven tactics, and low barriers for less-technical attackers.

  • SECURITYMay 22 · 20:01 UTCRECORDED FUTURE NEWS
    FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks

    The FBI has issued a warning about Kali365, a phishing-as-a-service platform operating on Telegram that enables cybercriminals to steal OAuth tokens and gain unauthorized access to Microsoft 365 environments. The advisory follows attacks in April targeting Microsoft 365 users. This threat represents a significant security risk for organizations relying on cloud-based Microsoft services.

  • SECURITYMay 22 · 12:27 UTCTHE REGISTER
    FBI warns Kali365 phishing kit is stealing Microsoft OAuth tokens at scale

    The FBI has warned about Kali365, a phishing-as-a-service platform that steals Microsoft OAuth tokens at scale, allowing attackers to bypass multi-factor authentication and gain unauthorized access to corporate accounts. The kit uses AI-generated phishing lures impersonating trusted services like DocuSign and SharePoint, and employs both device code phishing and adversary-in-the-middle techniques. Kali365 operates on a tiered subscription model and was first spotted in April 2026.

Kali365 · Dossier · The Nexus