FBI warns Kali365 phishing kit is stealing Microsoft OAuth tokens at scale
The FBI has issued a warning regarding the Kali365 phishing kit, which is effectively stealing Microsoft OAuth tokens. This kit allows attackers to bypass multi-factor authentication and gain unauthorized access to privileged accounts. Kali365 is marketed on Telegram and provides tools for less-technical users to launch sophisticated phishing attacks.
- ▪Kali365 is a phishing-as-a-service platform that has been stealing Microsoft OAuth tokens at an alarming rate.
- ▪The phishing kit allows attackers to impersonate trusted services and trick users into surrendering access to their M365 accounts without needing credentials.
- ▪Kali365 offers various tiers for subscribers, enabling both individual attackers and resellers to utilize its capabilities.
Opening excerpt (first ~120 words) tap to expand
(function() { let windowUrl = window.location.href; windowUrl = windowUrl.substring(windowUrl.indexOf('?') + 1); let messageElement = document.querySelector('.shareableMessage'); if (windowUrl && windowUrl.includes('code') && windowUrl.includes('expires')) { messageElement.style.display = 'block'; } })(); Cyber-Crime FBI warns Kali365 phishing kit is stealing Microsoft OAuth tokens at scale MFA? No problem, says crimeware that tricks users into handing attackers the keys to M365 Connor Jones Connor Jones Cybersecurity reporter Published fri 22 May 2026 // 13:27 UTC The FBI has issued a public service announcement warning about a new phishing kit that's stealing Microsoft OAuth tokens at an alarming rate.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at The Register.
Discussion
0 commentsMore from The Register
