FBI Warns: Kali365 Phishing Kit Exploits M365 OAuth Tokens – Unpacking the Evolving PaaS Threat
FBI warns of Kali365 phishing kit hijacking Microsoft 365 OAuth tokens, enabling persistent access and bypassing MFA. Learn defensive strategies.
phishing-as-a-service
Tycoon 2FA Evolves: Next-Gen OAuth Device Code Phishing Bypasses MFA
Tycoon 2FA now uses OAuth device code phishing to compromise MFA-protected devices, resuming operations after a takedown.