The FBI has issued warnings about Kali365, a phishing-as-a-service platform that enables attackers to bypass multi-factor authentication and steal Microsoft 365 access tokens via OAuth device code phishing.

Score total

1.22

Momentum 24h

Posts

Origins

Source types

Duplicate ratio

Why now

Kali365 phishing attacks have rapidly increased, prompting FBI warnings.
The tool exploits legitimate Microsoft OAuth flows, making detection harder.
Immediate mitigation steps can prevent widespread compromise of Microsoft 365 environments.

Why it matters

Kali365 enables attackers to bypass MFA, increasing risk of unauthorized Microsoft 365 access.
OAuth token theft can lead to data breaches, fraud, and ransomware attacks.
Organizations need updated security policies to defend against evolving phishing techniques.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: medium

Recurring claims

Kali365 phishing attacks bypass multi-factor authentication by stealing Microsoft 365 OAuth access tokens.

How sources frame it

FBI And Cybersecurity News Sources: neutral

Consolidated multiple sources reporting on FBI warnings about Kali365 phishing tool targeting Microsoft 365 OAuth tokens.

All evidence

FBI warns about fast-growing phishing kit targeting Microsoft 365 users

CyberScoop · cyberscoop.com · 2026-05-22 20:41 UTC

FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks

The Record (Recorded Future News) · therecord.media · 2026-05-22 20:01 UTC

FBI warns of Kali Oauth stealers

CSO Online · csoonline.com · 2026-05-22 17:51 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 3Origin domains: 3Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 3 / 0

Top publishers (this list)

CyberScoop (1)
The Record (Recorded Future News) (1)
CSO Online (1)

Top origin domains (this list)

cyberscoop.com (1)
therecord.media (1)
csoonline.com (1)