CSOonline

Cybercrooks faked Microsoft OAuth apps for MFA phishing

Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to get into Microsoft 365 accounts. Threat actors have cooked up a clever way ...

FBI Warns: ‘Kali365’ Phishing Service Targets Microsoft 365 Accounts

The FBI warned that Kali365 can hijack Microsoft 365 accounts by abusing device code authentication and capturing OAuth tokens.
Dark Reading

Cyberattackers Compromise Microsoft Exchange Servers via Malicious OAuth Apps

Attackers are deploying malicious OAuth applications on compromised cloud tenants, with the goal of taking over Microsoft Exchange Servers to spread spam. That's according to the Microsoft 365 ...
Hosted on MSN

FBI warns of Kali phishing scam hitting Microsoft OAuth tokens

FBI flags Kali365, a phishing kit sold on Telegram which steals Microsoft 365 OAuth tokens and bypasses MFA Victims are tricked into entering device codes on legitimate Microsoft pages, unknowingly ...
Tech Times

Microsoft 365 Phishing Kit Kali365 Bypasses MFA: FBI Warns Hundreds of Organizations Targeted

Microsoft 365 phishing attacks now bypass MFA entirely: a criminal subscription service called Kali365 tricks users into granting account access through legitimate Microsoft login pages, letting ...
Infosecurity Magazine

FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens

A new phishing-as-a-service (PhaaS) platform called Kali365 is being distributed in the wild, primarily via Telegram, the FBI has warned. First detected in April 2026, Kali365 provides cyber threat ...