Forg365 is a new phishing platform targeting Microsoft 365 accounts with AI emails, AiTM attacks, and device-code abuse.
A new phishing-as-a-service (PhaaS) operation called Forg365 focuses on stealing Microsoft 365 accounts by combining ...
Talos details ARToken, a PhaaS panel tied to EvilTokens that supports device code phishing, BEC workflows, SharePoint theft, ...
The FBI warns about Kali365, a phishing scam targeting Microsoft 365 accounts that can bypass multifactor authentication using device code tricks.
The FBI warned Microsoft users about a phishing scam that bypassed passwords and multifactor authentication to access Outlook and OneDrive accounts.
What happened Researchers have uncovered a new phishing campaign using the EvilTokens phishing kit that employs a technique known as “ghost phishing” to bypass traditional email security controls. The ...
New Helix extortion group steals SharePoint data after compromising Microsoft 365 accounts through voice phishing and MFA abuse.
In late May, the FBI warned U.S. residents of a new phishing scam, Kali365 targeting Microsoft 365 users. Here's how to ID, what scammers are after.
The FBI warned that Kali365 can hijack Microsoft 365 accounts by abusing device code authentication and capturing OAuth tokens. A new phishing service is turning a legitimate Microsoft login process ...
ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA ...