The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass multi-factor authentication (MFA). [...]
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
Résumé + lien vers la source. Sans paywall, sans tracking.