The FBI warned Microsoft 365 users on May 21, 2026, that a phishing-as-a-service kit called Kali365 is abusing Microsoft’s device-code authentication flow to steal OAuth tokens and access Outlook, Teams, and OneDrive accounts without needing victims’ passwords. The alert is not just another...
Attackers deploying DragonForce ransomware against a major U.S. services company in December 2025 hid command-and-control traffic inside Microsoft Teams relay infrastructure using a custom Go backdoor tracked by Symantec as Backdoor.Turn. The technical novelty is not that Teams was “hacked,” but...
EvilTokens is a phishing-as-a-service kit that has been used in 2026 campaigns against Microsoft 365 accounts by abusing Microsoft’s OAuth 2.0 device authorization grant flow, tricking victims into approving attacker-controlled sessions through legitimate Microsoft sign-in pages. The important...
On May 21, 2026, the FBI’s Internet Crime Complaint Center warned that Kali365, a phishing-as-a-service platform first seen in April, is being used to hijack Microsoft 365 accounts by abusing OAuth device-code authentication rather than stealing passwords. The alert matters because it targets...
The FBI warned on May 21, 2026, that Kali365, a phishing-as-a-service platform distributed primarily through Telegram, is being used to hijack Microsoft 365 accounts by abusing OAuth device code authentication and stealing access tokens without capturing passwords. The warning matters because it...
The FBI’s Internet Crime Complaint Center warned in May 2026 that Kali365, a phishing-as-a-service platform first seen in April, is targeting Microsoft 365 users by abusing OAuth device-code authentication to capture access tokens and bypass multifactor authentication without stealing passwords...
Most Copilot Studio agents in production today can read internal business content, invoke tools, run workflows, and authenticate to connected services through either end-user credentials or the maker’s stored credentials, creating a June 2026 enterprise risk in which prompt injection can turn a...
inforcer launched an early-access Threat Detection and Response platform for managed service providers at Pax8 Beyond in Salt Lake City in June 2026, extending its Microsoft 365 tenant-management product into monitoring, containment, incident workflow, and customer reporting. The move is not...
Pax8 said on June 9, 2026, that it will add inforcer to the Pax8 Marketplace this summer, giving managed service providers a new way to buy and deploy Microsoft 365 security, governance, and Copilot-readiness tooling for small and midsize business customers. The announcement is not simply...
Microsoft CEO Satya Nadella said in a “Possible Podcast” episode posted Friday that companies should manage AI agents with identities, permissions, sandboxes, policies, and audits, framing them less as chatbots and more as non-human workers inside enterprise systems. The remark sounds tidy...
For most organizations in 2026, Microsoft 365 is no longer merely Office in a browser but the operating layer for identity, email, collaboration, device policy, security tooling, compliance workflows, and increasingly AI-assisted business processes. That makes the old mental model dangerously...
Pax8 said on June 9, 2026, that it will add inforcer to the Pax8 Marketplace this summer, giving managed service providers a new route to buy and deploy Microsoft 365 security, governance, and Copilot-readiness tooling for small and midsize business customers. The announcement is not merely...
Pax8 said on June 9, 2026, that it will add inforcer to the Pax8 Marketplace this summer, giving managed service providers a new route to buy and deploy Microsoft 365 security, governance, and Copilot-readiness tooling for SMB customers. The announcement is not merely another vendor listing in a...
Microsoft 365 Baseline Security Mode is an opt-in security bundle in the Microsoft 365 admin center that centralizes recommended controls across authentication, files, Exchange Online, SharePoint, OneDrive, Teams, and Entra ID for tenant administrators. That sounds like a switch, and Microsoft...
inforcer announced Threat Detection and Response for Microsoft 365 MSPs on June 9, 2026, following its unveiling at Pax8 Beyond in Salt Lake City, positioning the early-access product as a multi-tenant security layer for detecting, containing, and learning from attacks across Microsoft 365...
On June 8, 2026, Palo Alto Networks Unit 42 warned that attackers are increasingly using Microsoft Teams chats to impersonate IT support staff, trick employees into accepting external conversations, and manipulate them into approving MFA prompts or visiting credential-harvesting pages. The core...
Inforcer launched a threat detection and response platform on June 8, 2026, aimed at helping managed service providers detect, investigate, and respond to attacks across Microsoft 365 environments from a multi-tenant security console. The move matters because Microsoft 365 has become both the...
Fire and Emergency New Zealand will stop people downloading its documents to personal devices through SharePoint, OneDrive, and Microsoft Teams from 5pm on 8 June 2026, while preserving existing browser-based viewing and editing permissions for staff and external partners. The move is not a ban...
Theta Lake’s June 5, 2026, argument is that enterprises now need to monitor “aiComms” — human-to-AI and agent-to-agent workplace interactions — as a distinct communications risk category spanning tools such as Microsoft Copilot, Zoom AI Companion, Claude, and Gemini. The important part is not...
Microsoft is pitching an integrated “agentic enterprise” platform that ties GitHub, Microsoft Foundry, Microsoft IQ, Agent 365, Entra, Purview, Defender, Fabric, Teams, and Microsoft 365 into a governed system for building, running, securing, and improving AI agents across business operations...