FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Accounts

The FBI has issued a warning about Kali365, a phishing-as-a-service (PhaaS) platform designed to hijack Microsoft 365 accounts by exploiting OAuth device code authentication. The service steals session tokens to bypass multi-factor authentication (MFA), enabling unauthorized access to targeted accounts. No specific dates, victim counts, or technical indicators (e.g., CVE IDs) were disclosed in the notice. The attack vector focuses on compromising enterprise and individual accounts through credential theft and authentication abuse. The FBI’s alert highlights the growing threat of PhaaS platforms in facilitating large-scale phishing campaigns.