FBI warns of Kali365 phishing kit targeting Microsoft 365 accounts

📅 26 May 2026 at 17:06 UTC📰 Cyber InsiderView original source ↗

The FBI has issued a warning about a phishing-as-a-service (PhaaS) platform known as “Kali365” that is being used to compromise Microsoft 365 accounts through sophisticated phishing and adversary-in-the-middle (AiTM) attacks. According to a public advisory published by the FBI’s Internet Crime Complaint Center (IC3), the service enables cybercriminals to bypass multi-factor authentication (MFA) protections and … The post FBI warns of Kali365 phishing kit targeting Microsoft 365 accounts appeared first on CyberInsider.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

Kali365 is a phishing-as-a-service platform being used to compromise Microsoft 365 accounts through sophisticated phishing and adversary-in-the-middle attacks, targeting organizations in the United States across multiple sectors.

⚙️Technical Details

Affected Systems

Microsoft 365 accounts

Attack Vectors

Sophisticated phishing and adversary-in-the-middle (AiTM) attacks

💥Impact Assessment

Severity: High

Who Is at Risk

Organizations in the United States across multiple sectors, including education, healthcare, finance, and government

🛡️Recommended Actions

1Adopt phishing-resistant MFA methods such as FIDO security keys

2Monitor for suspicious login activity

3Restrict legacy authentication protocols

📦Affected Products

Microsoft 365 accounts

Read the full article

This is a curated summary. The complete article is available at Cyber Insider.

Read on Cyber Insider ↗

← Back to feed