First reported by thehackernews.com
DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts
New Forg365 phishing platform uses AI to target Microsoft 365 accounts
From the article
A new phishing-as-a-service (PhaaS) operation called Forg365 focuses on stealing Microsoft 365 accounts by combining adversary-in-the-middle (AiTM) and device code methods with AI-assisted lure generation. [...]
Continue reading on BleepingComputerYou might also wanna read
Phishing-as-a-Service Platform Kali365 Expands Targets Beyond Microsoft 365 to AWS, Okta, and Russian Services
Kali365, a phishing-as-a-service platform originally focused on bypassing MFA on Microsoft 365 accounts, has expanded its targeting capabili
darkreading.com·1mo ago
FBI warns of Kali365 phishing platform targeting Microsoft 365 accounts
The FBI has issued a public service announcement warning about Kali365, a growing phishing-as-a-service platform that targets Microsoft 365
FBI warns of Kali365 phishing kit that bypasses multifactor authentication on Microsoft 365
The FBI has issued a public service announcement about a new phishing-as-a-service kit called Kali365, which allows criminals to hijack Micr
Microsoft 365 device code phishing campaign abuses legitimate login flow to target accounts
A Microsoft 365 device code phishing campaign observed in late June and early July 2026 abused Microsoft's legitimate device login flow to t
hendryadrian.com·1d agoFBI Urges Microsoft 365 Defenders To Watch for Kali365 Phishing Attacks
redmondmag.com·1mo ago
FBI warns Kali365 phishing scam bypasses Microsoft 365 multi-factor authentication
The FBI has issued a warning about a new phishing scam called Kali365 that targets Microsoft 365 accounts. The scam allows hackers to bypass

Comments
Sign in to join the conversation.
No comments yet. Be the first.