FBI issues urgent Kali365 security warning for Teams, Outlook, OneDrive users

The FBI released an urgent security warning to the public about a fast-acting scam targeting Microsoft 365 users on Teams, ...
Windows Report

FBI Warns Kali365 Can Bypass Microsoft 365 MFA Using OAuth Tokens

The FBI warns that Kali365 phishing attacks can bypass Microsoft 365 MFA by stealing OAuth session tokens through device code phishing.
Infosecurity Magazine

FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens

A new phishing-as-a-service (PhaaS) platform called Kali365 is being distributed in the wild, primarily via Telegram, the FBI has warned. First detected in April 2026, Kali365 provides cyber threat ...

FBI Warns: ‘Kali365’ Phishing Service Targets Microsoft 365 Accounts

The FBI warned that Kali365 can hijack Microsoft 365 accounts by abusing device code authentication and capturing OAuth tokens.
Memeburn

FBI Warns Microsoft Users as Kali365 Attack Spreads Across Outlook and Teams

The FBI warns Microsoft 365 users about Kali365 phishing attacks that bypass MFA and steal Outlook, Teams, and OneDrive ...
Memeburn

FBI Warns Microsoft 365 Users About Dangerous Phishing Tool

Kali365 targets Microsoft 365 users’ accounts, using a phishing service that doesn’t require password theft despite bypassing ...
The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
Tech Times

Microsoft 365 Phishing Kit Kali365 Bypasses MFA: FBI Warns Hundreds of Organizations Targeted

Microsoft 365 phishing attacks now bypass MFA entirely: a criminal subscription service called Kali365 tricks users into granting account access through legitimate Microsoft login pages, letting ...