Episode Details

FBI warns of a new phishing scam called Kali365 that steals Microsoft 365 access tokens—not just passwords—by tricking users into approving device code authentication. Attackers can hijack Outlook, Teams, OneDrive, and stay undetected. The kit even includes AI scams, templates, and real-time targeting tools, making cyberattacks easier for amateurs. Changing passwords won’t help—tokens remain valid until manually revoked. The FBI urges turning off device code auth, monitoring device logins, blocking cross-device transfers, and keeping emergency accounts ready.

Support the show:
Get a discount at https://solipillow.com/discount/dnn.

Advertise on DNN:
advertise@thednn.ai

This is an automated, high-level news summary based on public reporting.
Report issues to feedback@thednn.ai.

View sources & latest updates:
https://sources.thednn.ai/19b72840082b7f6b