Kali365 phishing kit bypasses MFA and steals Microsoft logins

When the Federal Bureau of Investigation FBI publishes a dedicated public service announcement about a new phishing kit, it’s worth paying attention to. The agency is now warning about “Kali365,” a phishing‑as‑a‑service PhaaS platform that helps even low‑skilled attackers hijack Microsoft 365...

CVE-2026-34721

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the OAuth callback endpoints for Microsoft, Google, and Facebook external credentials do not validate a CSRF state parameter. This vulnerability is fixed in 7.0.1 and 6.5.4...

CVE-2026-34721

Zammad (web-based helpdesk) has a CSRF vulnerability in the OAuth callback endpoints for external credentials (Microsoft, Google, Facebook). Prior to versions 7.0.1 and 6.5.4, these endpoints do not validate the CSRF state parameter, enabling potential CSRF-like behavior in the OAuth flow. The is...

PT-2026-31418

Name of the Vulnerable Software and Affected Versions Zammad versions prior to 7.0.1 and prior to 6.5.4 Description The OAuth callback endpoints for Microsoft, Google, and Facebook external credentials do not validate a CSRF state parameter. This could allow an attacker to potentially compromise...

Russian BlueDelta (Fancy Bear) Uses PDFs to Steal Logins in Just 2 Seconds

New research from Recorded Future reveals how Russian state hackers BlueDelta are using fake Microsoft and Google login portals to steal credentials. The campaign involves using legitimate PDF lures from GRC and EcoClimate to trick victims...

Sneaky 2FA Phishing Kit Adds BitB Pop-ups Designed to Mimic the Browser Address Bar

The malware authors associated with a Phishing-as-a-Service PhaaS kit known as Sneaky 2FA have incorporated Browser-in-the-Browser BitB functionality into their arsenal, underscoring the continued evolution of such offerings and further making it easier for less-skilled threat actors to mount...

CVE-2025-64754

Jitsi Meet (open‑source video conferencing) contains a DOM/OAuth flow vulnerability affecting versions prior to 2.0.10532, where an attacker could hijack the Microsoft account OAuth authentication window. The issue is fixed in 2.0.10532. No workarounds are documented. Remediation: upgrade to 2.0....

Critical 'nOAuth' Flaw in Microsoft Azure AD Enabled Complete Account Takeover

A security shortcoming in Microsoft Azure Active Directory AD Open Authorization OAuth process could have been exploited to achieve full account takeover, researchers said. California-based identity and access management service Descope, which discovered and reported the issue in April 2023, dubb...

US Defense & NGOs fall prey to Russian hackers

Threat Level Actors Report For a detailed threat advisory, download the pdf file here Summary Russian state-sponsored group Calisto is linked to spoofing Microsoft login pages of Global Ordnance, a legitimate U.S. military weapons and hardware supplier. According to some, the themed domains are...

How to spot a DocuSign phish and what to do about it

Phishing scammers love well known brand names, because people trust them, and their email designs are easy to rip off. And the brands phishers like most are the ones youre expecting to hear from, or wouldnt be surprised to hear from, like Amazon or DHL. Now you can add DocuSign to that list...

Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords

Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials. The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of...

TurkeyBombing Puts New Twist on Zoom Abuse

Millions of family and friends, forced to spend Thanksgiving socially distant, are being targeted by cybercriminals as they turn to video platforms like Zoom to virtually be together. In this ongoing attack, cybersecurity experts warn, victims are targeted with a Zoom-related and...

Discuz! DiscuzX Logic Flaw Vulnerability

Discuz! DiscuzX is an online forum system. A logic flaw vulnerability exists in Discuz! DiscuzX version 3.4, which can be exploited by remote attackers to bypass the disable restriction setting by sending a non-existent wxopenid value when microsoft login is enabled...