The FBI warned that Kali365 can hijack Microsoft 365 accounts by abusing device code authentication and capturing OAuth ...

The Federal Bureau of Investigation (FBI) has issued a Public Service Announcement (PSA) to warn the public about an emerging ...

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...

Here's what Microsoft users in Illinois should know about a new phishing scam announced by the FBI. The scheme targets OneDrive, Teams and Outlook accounts.

A new phishing kit is being offered on Telegram allowing even newbie hackers an easy way to grab OAuth tokens.

US federal investigators have warned that a new phishing-as-a-service platform called Kali365 is enabling cybercriminals to steal Microsoft 365 access tokens and bypass multi-factor authentication ...

The FBI is warning that a new hacking platform is allowing cybercriminals to hijack Microsoft 365 accounts — including Outlook, Teams and OneDrive — while bypassing multi-factor authentication ...

A new phishing-as-a-service (PhaaS) platform called Kali365 is being distributed in the wild, primarily via Telegram, the FBI has warned. First detected in April 2026, Kali365 provides cyber threat ...

A new phishing-as-a-service (PhaaS) campaign is abusing Microsoft’s device code authentication flow to gain unauthorized access to user accounts. Sekoia researchers first spotted the toolkit ...