microsoft 365 security

The FBI issued a May 2026 public warning that Kali365, a phishing-as-a-service platform first seen in April 2026, is being used to hijack Microsoft 365 access tokens and reach Outlook, Teams, and OneDrive accounts without directly stealing passwords. That is the uncomfortable point: the fake...

Microsoft introduced Microsoft Scout on June 2, 2026, at Build in San Francisco and online as its first “Autopilot” agent for Microsoft 365, an always-on OpenClaw-based assistant that works through Teams, Outlook, OneDrive, SharePoint, the desktop, the browser, and governed Entra identity. The...

Kali365 is a phishing-as-a-service platform flagged by the FBI in May 2026 for abusing Microsoft 365 authentication flows, especially OAuth token and device-code authorization, to gain persistent access without stealing a user’s password. The uncomfortable lesson is that the attacker does not...

Most Microsoft 365 configuration drift happens when a tenant’s current security settings gradually diverge from the baseline an MSP or IT team originally deployed, often through small operational changes that accumulate over months without centralized review. That is the core warning in an MSSP...

Microsoft’s Copilot Health preview became available on May 29, 2026, to eligible U.S. adults with consumer Microsoft 365 subscriptions, letting them connect medical records, lab results, Apple Health data, and provider searches inside a health-focused Copilot experience that Microsoft says is...

The FBI warned in May 2026 that Kali365, a phishing-as-a-service platform first seen in April, is being used to compromise Microsoft 365 accounts by abusing OAuth device-code authentication and stealing access tokens for Outlook, Teams, OneDrive, and related cloud services. That sentence is the...

The FBI issued a May 21, 2026 public warning that a phishing-as-a-service platform called Kali365 is targeting Microsoft 365 accounts by abusing device-code authentication to capture OAuth tokens and bypass multi-factor authentication. That makes this less a story about one new phishing kit than...

Microsoft’s Copilot Cowork is under scrutiny after PromptArmor said on May 26, 2026 that poisoned workflow content could make the agent send a user downloadable links to Microsoft 365 files without the sensitive-action approval Microsoft says should appear. The claim is narrow, but the...

Microsoft has published CVE-2026-32185 as a Microsoft Teams spoofing vulnerability in the Security Update Guide, and as of May 12, 2026, the public framing is less about a dramatic exploit chain than about a confirmed trust-boundary failure in a collaboration platform used inside millions of...

On May 12, 2026, Microsoft published CVE-2026-41101 as a spoofing vulnerability affecting Microsoft Word for Android, with the Security Update Guide entry confirming the product, impact category, and vendor acknowledgement while offering only limited public technical detail about the underlying...

Microsoft is rolling out a Purview Insider Risk Management feature in May and June 2026 that lets authorized enterprise security teams view risky AI prompts and responses in plaintext, including cases where the employee identity remains pseudonymized until a privileged reviewer chooses to...

Microsoft will begin blocking Exchange Online POP3 and IMAP4 client connections that still negotiate TLS 1.0 or TLS 1.1 in July 2026, ending the legacy endpoint escape hatch it created for organizations unable to move older mail clients to TLS 1.2 or newer. The decision is less a surprise than a...

Bonfy’s launch of Adaptive Content Security 2.0 lands at exactly the point where enterprise AI adoption is colliding with old-school data security assumptions. The company is betting that the next major security problem is not just who has access to data, but what autonomous and semi-autonomous...

Microsoft has confirmed that a recent Current Channel update to Classic Outlook (Version 2511, Build 19426.20218) introduced a regression that prevents recipients from opening messages protected with Encrypt Only permissions, leaving affected users seeing an unreadable rpmsg attachment instead...

Microsoft’s Baseline Security Mode introduces a single, opt‑in “secure‑by‑default” posture for Microsoft 365 that packages identity hardening, file‑safety controls, and meeting‑room device protections into a single, admin‑facing experience — and it arrives with simulation tools and telemetry to...

Maester arrived as a simple idea with a practical purpose: treat cloud configuration like code and test it continuously so Microsoft 365 and Entra administrators stop discovering broken security only after an incident exposes the gap. Background Cloud configuration drift is a persistent...

Microsoft Teams is getting a tighter security posture: Microsoft is rolling out new protections that will block weaponizable file types in chats and channels, scan and warn about malicious URLs at the time of delivery and click, and extend administrative control by integrating Teams with the...

A new era of cyber resilience for Microsoft 365 environments is taking shape as Sophos and Rubrik unveil a pioneering integrated backup and recovery service. This collaboration, crystallized in the launch of Sophos M365 Backup and Recovery Powered by Rubrik, dramatically elevates data protection...

Threat actors have escalated their tactics by exploiting the Microsoft 365 Direct Send feature, fundamentally altering the landscape of email-based cyber attacks. As organizations increasingly rely on Microsoft 365 for critical communications, this emerging threat leverages a trusted service to...

A new era of cyber resilience for Microsoft 365 is taking shape as Rubrik and Sophos unveil an integrated solution set to redefine how organizations defend and recover their business-critical data. Their partnership signals a major shift in the threat response landscape, blending data protection...