Skip to main content

Tag: microsoft 365

58 articles

Laptop on office desk with papers and supplies, subtle hint of phishing attempt nearby.

FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Accounts

Beware of Kali365, a sneaky phishing service that's hijacking Microsoft 365 accounts by exploiting a legitimate authentication flow - and it's happening fast, with the platform emerging as recently as April 2026. This clever trick uses a short code to trick victims into handing over control of their accounts.

Analyst 207
Modern office setting with laptop and smartphone on a tidy desk, hinting at a cyber threat.

FBI Warns of Kali365 Phishing Kit's OAuth Token Heist

The FBI has sounded the alarm on Kali365, a phishing-as-a-service platform that's making it easy for even novice hackers to steal Microsoft 365 login credentials and bypass security measures like multifactor authentication. This subscription-based service, mainly spread through Telegram, provides attackers with AI-generated phishing lures, campaign templates, and real-time tracking tools to target individuals and organizations.

Analyst 207
Typical office setting with laptop on desk, surrounded by papers and supplies.

FBI Warns of Kali365 Phishing Kit Targeting Microsoft 365 Users

The FBI is sounding the alarm on Kali365, a phishing kit that makes it easy for attackers to target Microsoft 365 users with AI-generated scams, automated templates, and real-time tracking. This powerful tool is lowering the bar for cybercriminals, allowing less tech-savvy attackers to launch sophisticated phishing campaigns.

Analyst 207
Brightly lit computer workstation with Microsoft interface and cityscape background.

Microsoft Abuses Self-Service Password Reset in Azure Data Theft Attacks

Microsoft warns that hackers are using clever social engineering tactics and exploiting self-service password reset features to drain sensitive data from high-value Azure assets. By tricking users into approving multi-factor authentication prompts, attackers can gain access to production Microsoft 365 and Azure environments.

Analyst 207
Person sitting at laptop with unease, surrounded by office environment.

OAuth Grants Expose Hidden Risk Below MFA Perimeter

In just five weeks, a phishing-as-a-service platform called EvilTokens compromised over 340 Microsoft 365 organizations across five countries by exploiting a clever trick: instead of stealing passwords, it convinced users to hand over OAuth refresh tokens, granting attackers long-term access to sensitive data like mailboxes, drives, and calendars. This sneaky tactic allowed hackers to bypass traditional security measures, including multi-factor authentication.

Analyst 207
Office worker looks concerned at laptop screen displaying Microsoft device login page.

Tycoon2FA Exploits Microsoft 365 with Device-Code Phishing

Beware of Tycoon2FA's sneaky phishing tactics: victims are tricked into granting OAuth tokens to attackers through Microsoft's own device-login flow after clicking a malicious link. This comeback kid of a phishing kit has bounced back from a March disruption, now with added layers of obfuscation to evade detection.

Analyst 207
Shadowy figure hunched over laptop with eerie glow, cityscape with lit skyscrapers in background.

Hackers Exploit Microsoft 365 Mailbox Rules to Conceal Post-Breach Activity

Hackers are exploiting a sneaky vulnerability in Microsoft 365 mailbox rules to hide their tracks, siphon sensitive data, and maintain a backdoor into compromised accounts. This stealthy tactic allows attackers to fly under the radar, making it even harder to detect and stop them.

Analyst 207
Law Enforcement Disrupts APT28's Router DNS Hijack Operation

Law Enforcement Disrupts APT28's Router DNS Hijack Operation

In a major breakthrough, an international coalition of law enforcement authorities and private companies has successfully disrupted a sneaky DNS hijack operation by APT28, known as FrostArmada, that targeted home network routers to steal Microsoft account credentials. This operation thwarted the hackers' plan to intercept traffic and harvest cloud account keys, protecting countless individuals from potential cyber threats.

Analyst 207
Iranian Hackers Launch Sustained Password-Spraying Attack on Israeli Microsoft 365 Users

Iranian Hackers Launch Sustained Password-Spraying Attack on Israeli Microsoft 365 Users

Iranian hackers have launched a relentless password-spraying attack on hundreds of Israeli Microsoft 365 users, sparking urgent concerns about the security of cloud inboxes in the midst of a regional conflict. This ongoing campaign, attributed to an Iran-linked threat actor, has already targeted over 300 organizations in Israel and the UAE.

Analyst 207
Iran Launches Alarming Password-Spraying Attacks on M365 Accounts

Iran Launches Alarming Password-Spraying Attacks on M365 Accounts

As Iran's missile strikes leave destruction in their wake, a stealthier threat is emerging: coordinated password-spraying attacks targeting Microsoft 365 accounts of municipal authorities in the region. This sinister campaign seems to be exploiting the chaos, striking when defenses are down.

Analyst 207
Phishing Attacks Exclusive: Critical Risk to Microsoft 365

Phishing Attacks Exclusive: Critical Risk to Microsoft 365

Think an email from your CEO is safe? Microsoft 365 phishing campaigns now use cloud misconfigurations and device-code tricks to make external messages look internal and steal authentication tokens or MFA codes.

Analyst 207
Microsoft 365 Education Risky: Stunning GDPR Alert

Microsoft 365 Education Risky: Stunning GDPR Alert

An Austrian regulator has ruled Microsoft 365 Education illegally tracked pupils, a landmark GDPR decision that could force cloud giants to adopt privacy-by-default settings and clarify who’s truly responsible for protecting kids’ data. Parents and schools deserve tools that safeguard students without breaking classroom tech.

Analyst 207
cloud collaboration: Must-Have Best Practices to Avoid Risk

cloud collaboration: Must-Have Best Practices to Avoid Risk

Cloud collaboration makes teamwork effortless — and oversharing dangerously easy; learn practical, friendly best practices to keep files moving fast while cutting exposure, from short-lived links and MFA to data stewardship and automated audits.

Analyst 207
RaccoonO365 Disrupted: Critical, Must-Have Security Win

RaccoonO365 Disrupted: Critical, Must-Have Security Win

Microsoft just dismantled RaccoonO365, seizing 338 fake login sites that had harvested at least 5,000 Microsoft credentials — a big win that cuts off a major phishing operation and a wake-up call to harden your accounts.

Analyst 207
AI Governance for SaaS Security Leaders: Essential Insights

AI Governance for SaaS Security Leaders: Essential Insights

As generative AI seamlessly integrates into SaaS platforms, security leaders face a pivotal challenge: balancing transformative efficiency gains with the urgent need for robust AI governance to protect sensitive data and manage emerging risks.

Analyst 207
Microsoft: Exchange Server Subscription Edition now available

Microsoft: Exchange Server Subscription Edition now available

Discover Microsoft Exchange Server Subscription Edition, now available! Enhance your email experience with new features and improved security.

Analyst 207
Microsoft 365 ‘Direct Send’ Exploited for Internal Phishing Attacks

Microsoft 365 ‘Direct Send’ Exploited for Internal Phishing Attacks

Learn how Microsoft’s 365 ‘Direct Send’ feature is exploited in internal phishing attacks, compromising security and user trust within organizations.

Analyst 207
Microsoft 365 to Default Block File Access Through Legacy Authentication Protocols

Microsoft 365 to Default Block File Access Through Legacy Authentication Protocols

Microsoft 365 now defaults to block file access via legacy authentication protocols, enhancing security and protecting user data from vulnerabilities.

Analyst 207
Microsoft addresses authentication issues affecting Microsoft 365 users

Microsoft addresses authentication issues affecting Microsoft 365 users

Microsoft resolves authentication issues affecting Microsoft 365 users, enhancing security and streamlining access for improved reliability.

Analyst 207
Microsoft 365 Copilot Zero-Click Vulnerability Sparks Corporate Data Theft Concerns

Microsoft 365 Copilot Zero-Click Vulnerability Sparks Corporate Data Theft Concerns

Microsoft 365 Copilot zero-click vulnerability triggers corporate data theft risks, prompting urgent action to secure sensitive enterprise information.

Analyst 207
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

Zero-click AI vulnerability in Microsoft 365 Copilot exposes sensitive data without any user interaction, risking unauthorized breaches.

Analyst 207
Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot

Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot

Zero-click AI leak flaw in Microsoft 365 Copilot risks exposing sensitive data. Learn how this security issue could compromise privacy.

Analyst 207
CISA Warns SaaS Providers as Commvault Zero-Day Puts Azure at Risk

CISA Warns SaaS Providers as Commvault Zero-Day Puts Azure at Risk

CISA warns SaaS providers about a critical Commvault zero-day exposing Azure to security risks. Stay informed on emerging threats.

Analyst 207
CISA Alerts on Rising SaaS Threats Exploiting Application Secrets and Cloud Misconfigurations

CISA Alerts on Rising SaaS Threats Exploiting Application Secrets and Cloud Misconfigurations

CISA alerts on rising SaaS threats exploiting application secrets and cloud misconfigurations. Boost security measures to protect digital assets and data.

Analyst 207