You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
kali365
About this tag
Kali365 is a phishing-as-a-service platform first observed in April 2026 that targets Microsoft 365 users. According to an FBI warning, Kali365 abuses OAuth device-code authentication to capture access tokens and bypass multifactor authentication without stealing passwords. Instead of directing victims to a fake login page, the attack asks them to complete a real Microsoft sign-in flow for an attacker's device, making traditional URL-checking advice insufficient. This tag covers discussions about the Kali365 threat, its technical mechanism, and its implications for Microsoft 365 security.
The FBI warned in May 2026 that Kali365, a phishing-as-a-service platform first seen in April and distributed mainly through Telegram, is being used to hijack Microsoft 365 accounts by abusing Microsoft’s legitimate device-code sign-in flow. The important word there is not “phishing.” It is...
The FBI’s Internet Crime Complaint Center warned in May 2026 that Kali365, a phishing-as-a-service platform first seen in April, is targeting Microsoft 365 users by abusing OAuth device-code authentication to capture access tokens and bypass multifactor authentication without stealing passwords...