Última hora
ARمنظمة العفو الدولية: 3 عائلات لبنانية بأكملها تم محوها بغارات إسرائيليةARحريق هائل في الأندلس يخلف ضحايا ويجبر على الإجلاءARتركيا وإيران تتحركان بعد انهيار وقف إطلاق النار بين طهران وواشنطنARتقرير: تركيا تبحث بيع منظومة إس-400 لدولة ثالثة وسط مفاوضات مع واشنطن وموسكوARتركيا تسعى لاستعادة مقاتلات F-35 وتطوير دفاعاتها الجويةARوزير الخارجية السوري ينشر صورة لرسالة من ترامب بشأن إلغاء تصنيف سوريا كدولة راعية للإرهابARالدفاع الروسية تعلن إسقاط 152 مسيرة جوية معادية فوق البلاد خلال 12 ساعةARMorocco's World Cup Exit: Fans Express Disappointment and PrideARانقطاع الكهرباء والمياه والاتصالات في هافانا يطغى على انتصار كوبا في الأمم المتحدةARالكرملين: قرارات دول البلطيق بشأن نشر السلاح النووي ستقابلها تدابير مضادةARمنظمة العفو الدولية: 3 عائلات لبنانية بأكملها تم محوها بغارات إسرائيليةARحريق هائل في الأندلس يخلف ضحايا ويجبر على الإجلاءARتركيا وإيران تتحركان بعد انهيار وقف إطلاق النار بين طهران وواشنطنARتقرير: تركيا تبحث بيع منظومة إس-400 لدولة ثالثة وسط مفاوضات مع واشنطن وموسكوARتركيا تسعى لاستعادة مقاتلات F-35 وتطوير دفاعاتها الجويةARوزير الخارجية السوري ينشر صورة لرسالة من ترامب بشأن إلغاء تصنيف سوريا كدولة راعية للإرهابARالدفاع الروسية تعلن إسقاط 152 مسيرة جوية معادية فوق البلاد خلال 12 ساعةARMorocco's World Cup Exit: Fans Express Disappointment and PrideARانقطاع الكهرباء والمياه والاتصالات في هافانا يطغى على انتصار كوبا في الأمم المتحدةARالكرملين: قرارات دول البلطيق بشأن نشر السلاح النووي ستقابلها تدابير مضادة
Newsgather
BackFBI Warns of Kali365 Phishing-as-a-Service Targeting Microsoft 365
FBI Warns of Kali365 Phishing-as-a-Service Targeting Microsoft 365
Urgente
Times of India16.06.2026Tecnología3 dk okumaIndia

FBI Warns of Kali365 Phishing-as-a-Service Targeting Microsoft 365

En resumen

  • The FBI has issued a warning about Kali365, a Phishing-as-a-Service platform distributed via Telegram.
  • It enables cybercriminals to steal Microsoft 365 OAuth tokens, bypassing MFA and gaining persistent access to accounts.

Resumen generado por IA

Por qué importa

Kali365 is a Phishing-as-a-Service platform that emerged in April 2026, primarily distributed via Telegram. It allows cyber threat actors to steal Microsoft 365 OAuth tokens and bypass multi-factor authentication.

Tamaño de fuente

The Federal Bureau of Investigation (FBI) issued a Public Service Announcement (PSA), warning the public about an emerging Phishing1-as-a-Service2 (PhaaS) platform called Kali365.

First seen in April 2026, Kali365 has primarily been distributed via Telegram, enabling cyber threat actors to obtain Microsoft 365 access tokens and bypass multi-factor authentication (MFA) protocols without intercepting the user's credentials.

As stated in the FBI warning, cyber threat actors can capture "OAuth" tokens through the Kali365 platform subscription and gain persistent access to targeted individuals/entities' Microsoft 365 environments.

“Kali365 lowers the barrier of entry, providing less-technical attackers access to AI-generated phishing lures, automated campaign templates, real-time targeted individual/entity tracking dashboards, and OAuth token capture capabilities,” it said.

How the Kali365 scam works

As explained by FBI, cyber attackers deploy following tactics to lure citizens through the Kali365 subscription:

Lure: An attacker sends a phishing email impersonating trusted cloud productivity and document-sharing services. This phishing email contains a device code with instructions to visit a legitimate Microsoft verification page and enter the code.

Authorization: The targeted individuals/entities navigate to the real Microsoft page and pastes in the device code, unknowingly authorizing the attacker's device to access their account.

Token Theft: The attacker captures OAuth access and refresh tokens, granting them access to the targeted individuals/entities' Microsoft 365 account.

Persistence: The attacker can now access Microsoft 365 services such as Outlook, Teams, and OneDrive without needing a password or completing any additional MFA challenges.

Tips to protect yourself

FBI has also shared a list of security tips that one can take to avoid falling for the Kali365 scam. These are:

Restricting device code flow to limit or block device authentication codes can help prevent or limit this style of attack.

Create a conditional access policy to block device code flow for all users, with limited exceptions for required business processes.

Audit existing device code flow usage to identify legitimate dependencies before creating a conditional access policy.

Block authentication transfer policies to prevent users from transferring authentication from computers to mobile devices.

If you cannot completely restrict device code flow usage, exclude emergency access accounts to prevent lockouts.

“If you or someone you know has been impacted by the Kali365 Phishing kit, file a complaint with the Internet Crime Complaint Center (IC3) at www.ic3.gov. Be sure to include any available information, such as:

Any phishing emails (email header, body)

Suspicious logins (time, IP address, location)

Any unauthorized devices or active sessions added to the account,” the FBI said.

Preguntas abiertas

  • How many users have been affected by Kali365?
  • What is the origin of the Kali365 platform?
  • Will Microsoft release specific patches for this threat?

Temas relacionados

This article was originally published by Times of India.

Noticias relacionadas

Bellatrix Aerospace Aims for Fivefold Revenue Growth with Satellite Propulsion Systems
En desarrollo·3 sa önce

Bellatrix Aerospace Aims for Fivefold Revenue Growth with Satellite Propulsion Systems

Bengaluru-based Spacetech startup Bellatrix Aerospace anticipates a more than fivefold increase in revenue this fiscal year, projecting "a few tens of crores" in FY27, up from Rs 2 crore annually over the past three years. This growth is fueled by increased commercial production of satellite propulsion systems, a $20 million fundraise in March, and rising global demand for in-space mobility.

Economic Times
Más sobre este temaFBI