Windows Report

FBI Warns Kali365 Can Bypass Microsoft 365 MFA Using OAuth Tokens

The FBI warns that Kali365 phishing attacks can bypass Microsoft 365 MFA by stealing OAuth session tokens through device code phishing.

Microsoft fixes outage affecting MFA setup, MySignIn service

Microsoft is working to address an ongoing incident preventing customers from setting up multi-factor authentication (MFA) or accessing the My Sign-Ins platform.
SiliconANGLE

Whisper 2FA kit steals Microsoft 365 credentials and MFA tokens in real time

A new report released today by cloud cybersecurity firm Barracuda Networks Inc. details a rapidly evolving phishing-as-a-service kit dubbed Whisper 2FA that’s designed to steal Microsoft 365 ...
Tech Times

Microsoft 365 Phishing Kit Kali365 Bypasses MFA: FBI Warns Hundreds of Organizations Targeted

Microsoft 365 phishing attacks now bypass MFA entirely: a criminal subscription service called Kali365 tricks users into granting account access through legitimate Microsoft login pages, letting ...