In a sobering development for the cloud security landscape, new research has exposed how Microsoft 365’s Direct Send feature—a tool primarily designed for seamless internal communication—has become a significant vector for phishing attacks. As organizations of all sizes deepen their reliance on...
In recent months, a sophisticated phishing campaign has exploited Microsoft 365's Direct Send feature, targeting over 70 organizations across the United States. This attack method allows cybercriminals to impersonate internal users and deliver phishing emails that bypass traditional security...
Microsoft 365 tenants across the United States have recently become the focal point of a sophisticated, widespread phishing campaign that leverages a rarely-discussed but highly impactful vulnerability in Exchange Online’s Direct Send feature. Security researchers have confirmed that, since May...