Forg365 PhaaS: A New Threat to Microsoft 365 Security
Forg365 phishing-as-a-service uses device-code phishing, AitM, AI lures, and mailbox operations to compromise Microsoft 365 accounts for customers.

Loading
§The archiveMon · Wed · FriM · W · F
Every dispatch we've sent. AI-curated, human-reviewed, from 50+ cybersecurity sources.
Follow on LinkedInForg365 phishing-as-a-service uses device-code phishing, AitM, AI lures, and mailbox operations to compromise Microsoft 365 accounts for customers.
Directory listing on misconfigured server exposed three Evilginx phishing operations that bypass MFA to target Microsoft 365 users.
SonicWall discloses CVE-2026-15409 and CVE-2026-15410 in SMA1000 actively exploited in zero-day attacks; customers urged to patch immediately.
AsyncAPI packages were trojanized after attacker stole an npm publishing token via GitHub Actions, risking developer and CI compromise.
Miasma v3 delivered via trojanized AsyncAPI packages creates persistent backdoors on developer machines and build servers.
Novel OAuth client ID spoofing enables attackers to validate stolen Microsoft Entra credentials and enumerate accounts while evading telemetry.
Jalisco and OmegaLord phishing kits target Microsoft 365, using MFA-evasion techniques to steal credentials and session tokens.
Japan's Nihon Kotsu halts systems after cyberattack impacting dispatch and operations, showing transport-sector operational risks from intrusions.
Joint advisory warns state-sponsored actors are exploiting poorly secured routers across critical infrastructure, risking espionage and disruption.
CISA issues alert urging immediate SharePoint hardening after new exploitations affecting enterprise SharePoint environments were observed.
Retailer Lidl notifies customers after a third-party supplier breach exposed stored customer data hosted externally.
Finnish authorities issue wanted notice for suspect in massive psychotherapy provider Vastaamo breach that exposed sensitive patient records.
Investigation reveals ransomware negotiation firm leaked victims' insurance and strategy to attackers, undermining incident response trust and outcomes.
Anthropic's Claude for Chrome extension has exploitable flaws enabling extensions to read Gmail, Docs, and Calendar data.
Critical ShareFile Storage Zone Controller zero-day forced emergency shutdowns and prompted immediate vendor guidance and patches.
Record Patch Tuesday: Microsoft released fixes for hundreds of vulnerabilities, including multiple zero-days; urgent prioritization required.
Get these articles delivered to your inbox.
Subscribe freeGhostcommit conceals prompt-injection payloads inside PNG images to bypass AI code reviewers and exfiltrate repo secrets.