Advertisement
FBI Warns of Kali365 PhaaS Targeting Microsoft 365 Accounts
The FBI issues an advisory on Kali365, a Phishing-as-a-Service platform exploiting OAuth device code flows to bypass MFA and hijack Microsoft 365 accounts.
Tycoon2FA Phishing Kit Targets Microsoft 365 via Device Code Flow
Tycoon2FA phishing kit now leverages Microsoft 365 device code flows and Trustifi URL abuse to bypass MFA and hijack enterprise accounts.
AitM Phishing Attacks Target US Organizations with Conduct Reports
Microsoft warns of a sophisticated AitM phishing campaign using fake conduct reports to bypass MFA and hijack Microsoft 365 user sessions.
Credential Theft: Microsoft Details Phishing Campaign Targeting 35k Users
Microsoft warns of a global phishing campaign targeting 35,000 users with code-of-conduct lures to steal authentication tokens across 13,000 organizations.
Microsoft Outlook.com Sign-In Failures: Analysis of Ongoing Outage
Microsoft confirms an Outlook.com outage causing intermittent sign-in failures and mailbox access issues. Learn about the impact on enterprise productivity.
Iran-Linked Password-Spraying Targets 300+ Israeli Organizations
Iran-linked threat actors launched coordinated password-spraying attacks against Israeli and UAE Microsoft 365 environments in March 2026.