Microsoft 365 users targeted by new phishing threat that bypasses MFA
Source: Feeds2.Feedburner
Published:
<p>Microsoft 365 access tokens are being targeted by an emerging Phishing-as-a-Service (PhaaS) platform called Kali365, the FBI is warning. First observed in April 2026, Kali365 has been distributed through Telegram, allowing cybercriminals to obtain Microsoft 365 access tokens and bypass MFA withou