The FBI has issued an urgent security warning about a new phishing platform, Kali365, that is specifically targeting Microsoft 365 users on Teams, Outlook, and OneDrive. The platform exploits OAuth device codes to bypass multi-factor authentication (MFA) and gain unauthorized access to accounts without requiring a password.

According to the FBI, scammers using Kali365 send phishing emails that appear to come from legitimate document-sharing services. These emails contain a device code and instructions for the recipient to verify their identity. Once the user enters the code, the attackers capture the OAuth token and gain full access to the victim's Microsoft 365 account.

Read also
Technology
Artemis III Crew Named as NASA Shifts Focus to Orbital Docking Tests
NASA has named the Artemis III crew and outlined a complex orbital mission for 2027, but the all-male crew has sparked debate over gender representation.

Kali365 is described as an emerging Phishing-as-a-Service (PhaaS) platform, first detected by the FBI in April. The platform is sold to cybercriminals for a subscription fee of $250 per month, making advanced phishing tools accessible even to attackers with limited technical skills.

“Kali365 lowers the barrier of entry, providing less-technical attackers access to AI-generated phishing lures, automated campaign templates, real-time targeted individual/entity tracking dashboards, and OAuth token capture capabilities,” the FBI stated in its warning.

This development comes amid a broader surge in cyber threats, including a recent global outage that hit Facebook, Instagram, and Threads, highlighting the vulnerability of digital infrastructure. The rise of PhaaS platforms like Kali365 underscores the growing sophistication of cybercriminal operations.

The FBI advises users to be vigilant and report any phishing emails, suspicious login attempts, or unauthorized devices or active sessions to the Internet Crime Complaint Center (IC3). The agency also urges users not to open links with access codes that they did not request.

This warning follows other recent cybersecurity concerns, such as the White House security directive that led Anthropic to halt its AI models, reflecting the ongoing tension between technological advancement and security. The FBI's alert serves as a reminder that even as organizations invest in cybersecurity, attackers continue to find new ways to exploit vulnerabilities.

The Hill has reached out to Microsoft for comment on the Kali365 threat. As the platform continues to evolve, users and organizations are urged to stay informed and take proactive measures to protect their accounts.