The FBI has warned about a phishing tool called Kali365 that can bypass two-factor authentication on Microsoft 365 accounts. The subscription-based kit uses OAuth device code flow to steal access tokens after tricking users into entering login codes on legitimate Microsoft pages. It targets sectors including healthcare, finance and government.
A subscription-based phishing kit called Kali365 can bypass two-factor authentication entirely. Here's how it works and how to protect yourself.
The FBI has issued an urgent public warning about a rapidly spreading cyberattack tool that can break into Microsoft 365 accounts, including Outlook, Teams and OneDrive, without ever needing the account holder's password or triggering a two-factor authentication alert.
The FBI's Internet Crime Complaint Center (IC3) issued Public Service Announcement I-052126-PSA on May 21, warning about a Phishing-as-a-Service platform called Kali365, first seen in April 2026. The tool is sold through Telegram as a criminal subscription product for as little as $250 for 30 days.
The targets span a broad range of sectors. The campaign has hit manufacturing, education, insurance, financial, healthcare and government organisations.
What makes Kali365 different