You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
direct send exploit
About this tag
The direct send exploit refers to the abuse of Microsoft 365's Direct Send feature, a legitimate email relay mechanism designed for internal devices like printers and scanners. Attackers exploit this feature to send phishing emails that impersonate internal users without needing to compromise any accounts. Since May 2025, a sophisticated campaign has targeted over 70 organizations in the United States across multiple sectors. These attacks bypass traditional email defenses because Direct Send does not require authentication for internal communications. The exploit highlights critical security gaps in cloud email systems, prompting IT administrators to reassess configurations and implement additional protections to prevent impersonation and phishing.
A new wave of targeted phishing attacks is sweeping through organizations, exploiting a legitimate Microsoft 365 feature to wreak havoc from inside the trusted walls of enterprise email. Security researchers have recently uncovered threat actors using the Microsoft 365 “Direct Send” capability...
For many organizations, the expectation is that internal communications on their Microsoft 365 tenants are inherently more trustworthy—after all, who would question an authentication-free email from the company’s own domain? Yet a recent investigation by the Varonis Managed Data Detection and...
In a sobering development for the cloud security landscape, new research has exposed how Microsoft 365’s Direct Send feature—a tool primarily designed for seamless internal communication—has become a significant vector for phishing attacks. As organizations of all sizes deepen their reliance on...
Phishing attacks continue to challenge organizations worldwide, evolving in sophistication and leveraging the very tools designed to enhance digital communication. An alarming new campaign has emerged wherein cybercriminals exploit Microsoft 365’s Direct Send feature—traditionally trusted for...
In recent months, a sophisticated phishing campaign has exploited Microsoft 365's Direct Send feature, targeting over 70 organizations across the United States. This attack method allows cybercriminals to impersonate internal users and deliver phishing emails that bypass traditional security...
A sophisticated phishing campaign has been exploiting Microsoft 365's Direct Send feature, targeting over 70 organizations across various sectors in the United States since May 2025. This attack underscores the evolving tactics of cybercriminals and highlights the need for organizations to...
Microsoft 365 tenants across the United States have recently become the focal point of a sophisticated, widespread phishing campaign that leverages a rarely-discussed but highly impactful vulnerability in Exchange Online’s Direct Send feature. Security researchers have confirmed that, since May...