{"slug": "fbi-warns-kali365-phishing-kit-is-stealing-microsoft-oauth-tokens-at-scale", "title": "FBI warns Kali365 phishing kit is stealing Microsoft OAuth tokens at scale", "summary": "The FBI has issued a warning about a phishing kit called \"Kali365\" that is being used to steal Microsoft OAuth tokens on a large scale. This crimeware bypasses multi-factor authentication (MFA) by tricking users into granting attackers access to their Microsoft 365 accounts. The stolen tokens allow attackers to maintain persistent access without needing passwords.", "body_md": "MOST POPULAR\nEVENTS\n-\nThe Hardware Crunch: How Supply Chain Turbulence Is Forcing a New IT Playbook\nInfrastructure teams are facing a perfect storm: extended hardware lead times, rising costs driven by AI demand, and accelerated platform timelines.\n-\nOvercoming the trade-offs in data sovereignty\nWhat does data sovereignty actually mean for your network, which trade-offs are unavoidable? Learn more.\n-\nFrom Prompt to Exploit: How LLMs Are Changing API Attacks\nModern applications are API-driven, interconnected, and often over-permissioned, making them an ideal target for AI-assisted attacks.\n-\nArchitecting the Future: Unlocking Enterprise Data Services for Kubernetes\nJoin us to discover how to eliminate infrastructure silos and establish a standardized, enterprise-grade cloud-native platform.\n-\nCatch the Advanced Attacks Microsoft 365 Misses with Behavioral AI Security\nMicrosoft 365 is the backbone of enterprise communication, and its native security filters out the known and the noisy.\n-\nHow Agents are Reshaping AI Security\nAI adoption is accelerating and with it comes a new security challenge.\n-\nHow Agents are Reshaping AI Security\nAI adoption is accelerating and with it comes a new security challenge.\n-\nAI Found the Problem. Now What?\nAI is transforming the software development lifecycle, helping teams identify and remediate vulnerabilities before they reach production.\n-\nVirtual Cyber Recovery Sim\nStep into the chaos of a live ransomware breach, test your response skills, and team up with other IT and security pros to outsmart cybercriminals\n-\nVirtual Cyber Recovery Simulation\nRansomware attacks aren’t slowing down, and neither are we. Druva’s hit event, Escape Ransomware, is now fully virtual.\nAI\n-\nScience\nSpaceX scrubs Starship launch with seconds to go\nNot all bad news: Crypto billionaire signs up for a mission to Mars\n-\nZTE unveils localized roadmap for Eurasia's digital future at GSMA M360 Eurasia 2026\nDriving \"affordable AI\" through open ecosystems, anti-fragile infrastructure, and optimized TCO to empower local industries\n-\nOn-Prem\nOutlook has an image problem\nMicrosoft says classic client may lose embedded pictures thanks to wrapping bug\n-\nsecurity\nTechie claims Trump Mobile website was leaking thousands of people's data\nCustomers' info potentially handed to anyone who could send an HTTP request\n-\nPublic sector\nIrish Rail writes down €50M after train IT project goes off the rails\nState-owned operator loses confidence in delayed traffic management system as politicians compare Ireland’s latest public-sector IT fiasco to 'Groundhog Day'\nInfosec\n-\nScience\nSpaceX scrubs Starship launch with seconds to go\nNot all bad news: Crypto billionaire signs up for a mission to Mars\n-\nZTE unveils localized roadmap for Eurasia's digital future at GSMA M360 Eurasia 2026\nDriving \"affordable AI\" through open ecosystems, anti-fragile infrastructure, and optimized TCO to empower local industries\n-\nOn-Prem\nOutlook has an image problem\nMicrosoft says classic client may lose embedded pictures thanks to wrapping bug\n-\nsecurity\nTechie claims Trump Mobile website was leaking thousands of people's data\nCustomers' info potentially handed to anyone who could send an HTTP request\n-\nPublic sector\nIrish Rail writes down €50M after train IT project goes off the rails\nState-owned operator loses confidence in delayed traffic management system as politicians compare Ireland’s latest public-sector IT fiasco to 'Groundhog Day'\nFOSS\n-\nFBI warns Kali365 phishing kit is stealing Microsoft OAuth tokens at scale\nMFA? No problem, says crimeware that tricks users into handing attackers the keys to M365\n-\nZTE Day Indonesia 2026 strengthens AI innovation and digital infrastructure collaboration to accelerate Indonesia's digital transformation\nThe annual tech showcase highlights next-gen AI, cloud, and future-ready ICT solutions while uniting ecosystem partners to build the foundation for the nation's AI era\n-\nSpaceX scrubs Starship launch with seconds to go\nNot all bad news: Crypto billionaire signs up for a mission to Mars\n-\nZTE unveils localized roadmap for Eurasia's digital future at GSMA M360 Eurasia 2026\nDriving \"affordable AI\" through open ecosystems, anti-fragile infrastructure, and optimized TCO to empower local industries\n-\nOutlook has an image problem\nMicrosoft says classic client may lose embedded pictures thanks to wrapping bug\n-\nTechie claims Trump Mobile website was leaking thousands of people's data\nCustomers' info potentially handed to anyone who could send an HTTP request\nFEATURES\n-\nEurope built sovereign clouds to escape US control. Then forgot about the processors\n-\nNobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data\n-\nEurope wants out from under US tech – but first it has to find the exits\n-\nGNOME may rule Ubuntu Resolute Raccoon, but X.org isn't roadkill yet\n-\nOpenClaw, but in containers: Meet NanoClaw\n-\nOpen source registries don't have enough money to implement basic security\n-\nContain your Windows apps inside Linux Windows\n-\nThe Linux mid-life crisis that's an opportunity for Tux-led transformation\n-\nToo much AI for some, too little for others: Why AMD can't win with investors\n-\nHow agentic AI can strain modern memory hierarchies", "url": "https://wpnews.pro/news/fbi-warns-kali365-phishing-kit-is-stealing-microsoft-oauth-tokens-at-scale", "canonical_source": "https://www.theregister.com/cyber-crime/2026/05/22/fbi-warns-of-kali365-as-device-code-phishing-soars/5245024", "published_at": "2026-05-22 12:27:52+00:00", "updated_at": "2026-05-22 13:03:14.738216+00:00", "lang": "en", "topics": ["cybersecurity"], "entities": ["FBI", "Kali365", "Microsoft"], "alternates": {"html": "https://wpnews.pro/news/fbi-warns-kali365-phishing-kit-is-stealing-microsoft-oauth-tokens-at-scale", "markdown": "https://wpnews.pro/news/fbi-warns-kali365-phishing-kit-is-stealing-microsoft-oauth-tokens-at-scale.md", "text": "https://wpnews.pro/news/fbi-warns-kali365-phishing-kit-is-stealing-microsoft-oauth-tokens-at-scale.txt", "jsonld": "https://wpnews.pro/news/fbi-warns-kali365-phishing-kit-is-stealing-microsoft-oauth-tokens-at-scale.jsonld"}}