scanning advisory feeds…

FBI warns of Kali365 phishing service targeting Microsoft 365 accounts

The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass multi-fa

Grace Ops

CONTENT OPTIMIZATION · AEO/GEO

PENDING

Not yet scored. Next refresh: 02:00 UTC.

discussion

0 comments

Loading comments…

audit trail / provenance0

Provenance

Claims tie surfaced fields back to sources, models, or heuristics.

No structured claims yet — severity uplift rationale still applies below.

What changed

Append-only revisions when ingest or analysts evolve the record.

No revision rows stored yet.

Sources

https://www.bleepingcomputer.com/news/security/fbi-warns-of-kali365-phishing-service-targeting-microsoft-365-accounts/

Curated May 25, 2026 by Aidan Duffy, Threat intelligence editor, AHackaday./Methodology/Sources verified.

Brief grounded in 1 source.

Grace Ask GracereadyGrace is ready

Grounded in this brief only — FBI warns of Kali365 phishing service targeting Microsoft 365 accounts. Press ⌘K any time.

You're answering aschange anytime

Pick a playor type your own ↓

Tone

Pull keywords → Generate

Generate an answer and Grace will return a grounded response for this incident.

social pulse

mentions (24h)51

velocitytrend flat

mentions delta+0% vs prior snapshot

platform splitX 73% · Reddit 0% · GitHub 27%

keywords

bloghtmlsolidot

x analyticsheat 70 (flat)

authors 35verified 0%

likes173

retweets65

replies6

quotes5

cross-platform summaryLive chatter is accelerating; analysts are actively validating impact.