Skip to content
Microsoft 365 logo

Microsoft 365 in the Media

189 mentions across press, blogs, and newsletters

Top coverageReutersThe VergeTechRadarThe Next WebPCMag
2 major ·9 tech media

July 2026

The Stack

Runtime: Buildkite soars as the CI for AI; the Swiss don't miss Microsoft 365, and...

+ Luffy talks about AI for drones, Meta spends big on the bayou, and Apple's leaky offboarding process.

Jul 14, 2026
GBHackers

Exposed Server Unmasks Evilginx Operators Stealing Microsoft 365 Sessions and OAuth Tokens

A misconfigured server in Budapest exposed a live phishing operation built to bypass Microsoft 365 multi-factor authentication and retain access to compromised accounts. The server, hosted at 185.163.204[.]7185.163.204[.]7185.163.204[.]7, was running python3 -m http.server 8080 with directory lis

Jul 13, 2026
Cybersecurity News

Forg365 Phishing Platform Using AI to Attack Microsoft 365 Accounts

Forg365 is a phishing-as-a-service platform that targets Microsoft accounts, combining AI-powered phishing, session theft, and post-compromise mailbox access in a single operator panel The platform is reportedly distributed through Telegram, where criminals can access a 30-day trial, pay about pe

Jul 11, 2026
Neowin

OpenAI's GPT-5.6 becomes the preferred model in Microsoft 365 Copilot

Microsoft is pivoting back to its primary partner OpenAI with a day-one integration of GPT-5.6 model series to supercharge Word, Ex

Jul 10, 2026
GBHackers

Forg365 PhaaS Uses Telegram and AI Lures to Hijack Microsoft 365 Accounts

Forg365 is a commercial phishing-as-a-service (PhaaS) platform specifically targeting Microsoft 365 users. It employs methods such as device-code phishing, adversary-in-the-middle (AiTM) workflows, AI-assisted lure generation, and token persistence tools. The platform’s onboarding process t

Jul 10, 2026
Quartz

OpenAI's newest AI model is becoming the preferred engine for Microsoft 365 Copilot

The model, which only received broad U.S. regulatory clearance this week, is now rolling out across Word, Excel, PowerPoint, Chat, and Cowork

Jul 10, 2026
Newsbytes

GPT 5.6 is the 'preferred model' for Microsoft 365 Copilot

OpenAI has announced that its latest model, GPT 5.6, will be the "preferred model" for Microsoft 365 Copilot.

Jul 10, 2026
FirstPost

OpenAI names GPT 5.6 the ‘preferred model’ for Microsoft 365 Copilot amid partnership questions

Days after reports suggested Microsoft was leaning more heavily on its own AI models to reduce costs, OpenAI has reaffirmed the strength of its relationship with the tech giant. The company says its newly launched GPT 5.6 will become the preferred model powering Microsoft 365 Copilot across key prod

Jul 10, 2026
Nerds.xyz

GPT-5.6 lands in Microsoft 365 Copilot, and yes, Excel is supposed to get smarter

<img alt="GPT-5.6 lands in Microsoft 365 Copilot, and yes, Excel is supposed to get smarter" class="attachment-large size-large wp-post-image" height="471" src="https://nerds.xyz/w

Jul 9, 2026
Help Net Security

Extortion crew hijacks Microsoft 365 accounts via fake passkey setup

The Pink cyber extortion crew is tricking employees into giving them access to their Microsoft 365 accounts by faking Entra passkey enrollment requests. The attack The attack starts with a vishing call to an employee. The caller poses as IT and says it’s time to set up a passkey. Everything

Jul 9, 2026
PCMagTech Media

Microsoft 365 Apps Favoring Company's AI Models Over ChatGPT, Claude

It comes after Microsoft's CEO of AI, Mustafa Suleyman, said at Build that the plan is to 'reduce and ultimately eliminate' spend on external AI models.

Jul 8, 2026
Computer World

Microsoft 365 users fall victim to one-in-a-million password spray attack

Micro

Jul 3, 2026
Cybersecurity News

Microsoft 365 Phishing Panel Uses OAuth Device Code Flow to Capture Tokens and Persist Access

A newly uncovered phishing panel called ARToken is giving cybercriminals an easy way to steal Microsoft 365 login sessions without ever touching a password. The tool works by abusing a legitimate Microsoft sign in feature meant for devices without a keyboard or browser, tricking victims into appr

Jul 2, 2026
GBHackers

EvilTokens-Linked ARToken Panel Exposes 80+ APIs for Microsoft 365 Token Theft

A fully featured phishing-as-a-service (PhaaS) panel named “ARToken” that closely mirrors the EvilTokens infrastructure first profiled in early 2026, but with a broader and deeper post-compromise toolkit. ARToken’s React single-page application exposes more than 80 API endpoints enabling device-c

Jul 2, 2026
Computer World

Microsoft 365 Copilot: Office meets genAI and agents

Initial

Jul 2, 2026
GBHackers

LSHIY Password Spray Attack Hits Microsoft 365 Accounts With 81 Million Login Attempts

A large-scale password spray campaign linked to the infrastructure provider LSHIY LLC has targeted Microsoft 365 environments, resulting in over 81 million login attempts. This campaign has led to at least 78 confirmed account compromises across 64 organizations between June 12 and June 26, 2026.

Jul 2, 2026
Help Net Security

The ARToken phishing panel targets Microsoft 365 accounts

Accounts-payable staff at U.S. companies keep receiving invoice emails that look like they come from vendors they already work with. One landed at a life-sciences company in April 2026, addressed to the person who handles payments and written in the voice of a Wisconsin contractor’s billing

Jul 1, 2026

June 2026

Cybersecurity News

Microsoft 365 Apps RCE Vulnerability Exploited Using a Malicious Excel File

Microsoft has disclosed a critical remote code execution vulnerability in its Office ecosystem that can be exploited through a malicious Excel file. The vulnerability, tracked as CVE-2025-60727, affects multiple versions of Microsoft Office and underscores the continued risk posed by document-bas

Jun 29, 2026
TechRadarTech Media

'Plenty of AI tools claim to be built for finance; Microsoft 365 Copilot in Excel is proving it in practice': Microsoft is fuelling up Excel with lots more AI tools for finance workers

Microsoft has launched even more AI tools for Excel to maintain the software's position as a go-to finance tool.

Jun 29, 2026
GBHackers

Microsoft 365 Apps RCE Vulnerability Lets Attackers Execute Code via Malicious Excel Files

A newly disclosed remote code execution (RCE) vulnerability in Microsoft 365 Apps is raising concerns in enterprise environments. Attackers can exploit malicious Excel documents to execute arbitrary code on target systems. This vulnerability, tracked as CVE-2025-60727, arises from an out-of-bound

Jun 29, 2026
Help Net Security

Mirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials

Mirage2FA, a phishing kit that combines short-lived HTML smuggling with obfuscated JavaScript loaders to deliver fake Microsoft 365 login pages and steal credentials during MFA prompts, has been identified by researchers at Fortra. Fortra based its analysis on a suspicious HTML and JavaScript att

Jun 26, 2026
EconomicTimes - IndiaTimes

Italy regulator probes Microsoft over 'Microsoft 365' price hike

Italy's antitrust watchdog has launched a probe into Microsoft for alleged unfair practices concerning its Microsoft 365 subscription price increase. The regulator claims consumers weren't properly notified about the integration of AI tools like Copilot and Designer. Customers were automatically shi

Jun 26, 2026
ReutersMajor Publication

Italy regulator probes Microsoft over 'Microsoft 365' price hike

I

Jun 26, 2026
The Next WebTech Media

Italy opens an antitrust probe into Microsoft 365’s AI price rise

The regulator says customers were moved to a pricier Copilot-bundled plan unless they actively opted out, with too little information to choose. The m

Jun 26, 2026
Neowin

Microsoft adds new AI study and teaching tools for free to Microsoft 365 Education

Microsoft is adding a bunch of AI-powered tools for both teachers and students in its Microsoft 365 Education suite for no additional charg

Jun 24, 2026
Cybersecurity News

New Phishing Attack Abuses Outlook and Microsoft 365 Groups Features to Attack Users

Phishing attacks have grown more sophisticated, and attackers are no longer relying on clunky fake emails or obvious scam messages. A newly identified campaign shows how threat actors are turning everyday Microsoft 365 tools into weapons, hiding their attacks inside the very workflows employees t

Jun 23, 2026
Help Net Security

Phishing hides in routine Microsoft 365 workflows

Attackers are abusing Outlook Groups and Microsoft 365 collaboration features to make phishing campaigns appear routine, according to Fortra. “The technique shifts malicious intent away from a single phishing email into a trusted productivity workflow. A user may see what looks like a norma

Jun 23, 2026
DigitalTrends

Windows 11 is getting Copilot on Microsoft 365 Business accounts again, unless you’re in Europe

Microsoft made Copilot optional in April. It's force-installing it again in June, this time through Office updates, and EU users are the only ones being spared.

Jun 22, 2026
GBHackers

Microsoft 365 Sensitivity Labels Now Block AI-Powered Content Analysis in Office Apps

Microsoft has announced a significant update to its Microsoft 365 ecosystem to enhance data protection. This update will prevent AI-powered and connected content analysis in Office applications when sensitivity labels are applied. According to Microsoft, the company is expanding the enforcement o

Jun 22, 2026
CMOtech UK

ShareGate adds Entra ID migration for Microsoft 365

IT teams can now plan Microsoft 365 tenant moves around identity first, reducing clashes before mailboxes and workloads are migrated.

Jun 19, 2026
eSecurity Planet

SearchLeak Flaw Exposed Sensitive Data in Microsoft 365 Copilot

SearchLeak could have enabled one-click theft of sensitive Microsoft 365 Copilot data. The post SearchLeak Flaw Exposed Sensitive Data in Microsoft 365 Copilot appeared f

Jun 18, 2026
XDA Developers

I'm done with Microsoft 365 accounts, and I'm watching Nextcloud's new office suite

Nextcloud's new office suite is based on the best free solution out there, but it could be an even bigger threat to Microsoft's dominance.

Jun 18, 2026
testingcatalog.com

Microsoft launches Copilot Cowork globally for Microsoft 365

What's new? Microsoft announced Copilot Cowork, a cloud-hosted agent system that runs multi tool tasks; it has a usage based billing model and Adobe, Miro and Atlassian plugins;

Jun 18, 2026
WinBuzzer

How Microsoft Copilot Is Changing Everyday Workflows in Windows and Microsoft 365

Artificial intelligence has stoppe

Jun 17, 2026
TechRadarTech Media

Microsoft 365 Copilot can be turned into a one-click data theft tool — inbox, OneDrive, and SharePoint data all at risk, so patch now

Varonis found a way to chain three bugs into one exploit that can lead to data exfiltration.

Jun 16, 2026
Cybersecurity News

Microsoft 365 Device Code Phishing Campaign Bypasses Password Theft With Legitimate Login Flow

A new phishing campaign targeting Microsoft 365 users has been uncovered, and it takes a different approach than most attacks seen in the wild. Instead of trying to steal a victim’s password directly, this campaign tricks users into completing a real Microsoft authentication process that qu

Jun 16, 2026
GBHackers

Hackers Abuse Microsoft OAuth Device Code Flow to Take Over Microsoft 365 Accounts

An active campaign in which attackers are abusing Microsoft’s OAuth 2.0 Device Authorization Grant (device code) flow to take over Microsoft 365 accounts. Rather than capturing credentials with a fake login page, the threat actors persuade victims to complete a genuine Microsoft authentication pr

Jun 16, 2026
The Cyber Express

Critical SearchLeak Flaw in Microsoft 365 Copilot Exposed Sensitive Enterprise Data

<img alt="SearchLeak vulnerability" class="attachment-post-thumbnail size-post-thumbnail wp-post-image" height="614" src="https://thecyberexpress.com/wp-content/uploads/SearchLeak-vulnerability.webp" title="Critical SearchLeak Flaw in Microsoft 365 Copilot Exposed Sensitive Enterprise Data 5" wid

Jun 16, 2026
scworld.com

SearchLeak vulnerability allows data theft from Microsoft 365 Copilot Enterprise

The SearchLeak vulnerability, identified as CVE-2026-42824, is a three-stage attack chain developed by Varonis researchers.

Jun 15, 2026
Neowin

Microsoft brings Planner Agent to all Microsoft 365 Copilot users

You can now create, manage, and get insights about Planner tasks with prompts inside Microsoft 365 Copilot. <a href="https://www.n

Jun 15, 2026
Livemint

What is Kali365? FBI warns Telegram-based phishing service targeting Microsoft 365 users

The platform, first detected in April 2026, is being actively distributed through Telegram channels and is designed to help even low-skilled attackers conduct sophisticated phishing campaigns.

Jun 15, 2026
The Hacker News

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterprise Search. Researchers at Varonis Threat Labs chained three bugs into a one-click exfiltration path they call SearchLeak. Because the link poin

Jun 15, 2026
Cybersecurity News

Critical Microsoft 365 Copilot Vulnerability Allows Attackers to Steal Data in One Click

A critical vulnerability chain in Microsoft 365 Copilot Enterprise that let attackers steal sensitive corporate data, MFA codes, email contents, calendar details, and confidential files with nothing more than a single click on a link pointing to a legitimate Microsoft domain. Dubbed SearchLeak, u

Jun 15, 2026
BleepingComputer

New attack turned Microsoft 365 Copilot into 1-click data theft tool

A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target's mailbox, OneDrive, or SharePoint account through a specially crafted URL. [...]

Jun 15, 2026
The Next WebTech Media

NHS England rolls out Microsoft 365 Copilot to 505,000 staff after trial reports 43 minutes saved per day

NHS England is giving more than 505,000 clinicians and support staff access to Microsoft 365 Copilot in what will be the largest AI deployment in healthcare

Jun 14, 2026
Help Net Security

New Browser-in-the-Browser phishing uses fake login popups to steal Microsoft 365 credentials

A new Browser-in-the-Browser (BitB) phishing campaign is targeting Microsoft 365 users with fake login popups designed to closely mimic legitimate browser authentication windows, according to Palo Alto Networks Unit 42. The attack relies on a fake browser window embedded within a webpage. Victims

Jun 10, 2026
Cybersecurity News

New Browser-in-the-Browser Phishing Attack to Steal Microsoft 365 Logins

A new and sophisticated Browser-in-the-Browser phishing campaign has been discovered targeting Microsoft 365 users, using a fake login popup that is nearly impossible to tell apart from the real thing. The attack is so convincing that even tech-savvy users can fall for it without realizing their

Jun 9, 2026
GBHackers

New BitB Phishing Attack Targets Microsoft 365 Logins

A new Browser-in-the-Browser (BitB) phishing campaign is abusing fake OAuth login windows to steal Microsoft 365 credentials, and its design is polished enough to bypass casual visual checks. The attack uses a draggable popup that mimics a real browser dialog. However, it is embedded in the page

Jun 9, 2026
CMOtech UK

Inforcer launches Microsoft 365 threat response for MSPs

MSPs can now detect and contain Microsoft 365 breaches in one platform, as Inforcer adds incident response to its security suite.

Jun 9, 2026
Hackread

New Pink Extortion Group Targets Microsoft 365 Cloud Data Via Vishing Scams

Cybersecurity researchers are warning businesses about Pink Extortion Group, a threat actor that uses voice phishing to bypass multi-factor authentication and steal files from cloud environments.

Jun 6, 2026
Cybersecurity News

Microsoft 365 Service Degradation Bypassed Windows Driver Auto-Update Controls

Microsoft has resolved a Microsoft 365 service degradation issue that temporarily bypassed Windows driver auto-update controls, leading to unintended driver installations on managed devices. The issue affected Windows devices configured with policies designed to prevent automatic updates, particu

Jun 5, 2026
The Cyber Express

Pink Extortion Group Emerges Targeting Microsoft 365 Data

A newly i

Jun 4, 2026
TechRepublicTech Media

Microsoft 365 Android Apps Had a Token Flaw IT Teams Should Check Now

A debug flag left active in six Microsoft 365 Android apps allowed another installed app on the same device to request account tokens without user interaction. The post Microsoft 365 Android Apps Had a To

Jun 4, 2026
ZDNetTech Media

Is Microsoft 365 Premium worth it? What $20 a month gets you - and how it compares to ChatGPT Plus

Microsoft is offering a 50% discount to 365 subscribers who want more AI Copilot features. Here's what's included.

Jun 4, 2026
Cybersecurity News

Kali365 PhaaS Operation Expands Beyond Microsoft 365 to Target Okta and MAX Messenger

A new and fast-growing phishing operation is making waves in the cybersecurity world, and it is moving far beyond its original targets. Kali365, a phishing-as-a-service (PhaaS) platform first spotted in April 2026, was initially built to steal Microsoft 365 login tokens by tricking users into aut

Jun 4, 2026
eSecurity Planet

Barracuda Finds Malicious Microsoft 365 Logins Are Blending In

Barracuda finds that trusted Microsoft 365 logins can hide attacks. The post Barracuda Finds Malicious Microsoft 365 Logins Are Blending In appeared first on <a href="http

Jun 4, 2026
darkreading

Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover

A disabled security setting meant to protect authentication across Android versions of key apps like Word, PowerPoint, and Excel paved the way for attackers to steal logins and data.

Jun 3, 2026
wccftech.com

Microsoft Treats Apple Users As Second-Class Citizens, Stripping Office 2019 Of Any Utility While Windows And Microsoft 365 Customers Remain Unscathed

As someone who bought Microsoft's Office 2019 lifetime license around 7 years back, the imminent end of support for the software suite on Apple's platforms feels surreal, made all the more incredulous by the patently blasé attitude with which Microsoft is approaching this blatant forced obsolescence

Jun 3, 2026
Cybersecurity News

Microsoft 365 Android Apps Account Takeover Vulnerability Impacted Billions of Android Users

A single forgotten development flag left active in production code silently handed Microsoft account tokens to any app on an Android device, exposing billions of users across six major Microsoft 365 apps to account takeover without any interaction or consent. The vulnerability, dubbed FlagLe

Jun 3, 2026
TipRanks

Veeam Highlights Third-Party Validation of Microsoft 365 Data Protection Offering

<a href="https://news.google.com/rss/articles/CBMiyAFBVV95cUxNQ3ExRktTcUc1cEdOQ011Q0d6a3huWFdwdFdNUTZ2S2RoX0ZLSzIwSkRyZnlzNVUyd3hPN2JBQjFzeDNoVFFic21VRHFSUWdULTVEYTdmTVg4TEpIRGJHNHF2ZTcyYnVEQkFxYkt2aHgyZFN5akdtX0E5Q1VQSUt0WWtVc3B6OEhSd0I1b3ZzS28zLUxkdXdHbDZZd1I0UW44dE1rQVJtV0gyUmJ4Sk5PMXNaWF9HaGxDZW

Jun 1, 2026

May 2026

WinBuzzer

Microsoft 365 Copilot Gets Clean ISO 42001 Audit as Copilot Studio Joins Scope

Microsoft 365 Copilot's reported M

May 30, 2026
Windows Central

Meet EuroOffice, Europe’s bold alternative to Microsoft 365 promising sovereignty and control

EuroOffice is Europe’s bold new alternative to Microsoft 365, promising sovereignty and control over productivity tools.

May 30, 2026
MashableTech Media

A lifetime license for Word, Excel, PowerPoint, and more now costs less than 2 years of Microsoft 365

Microsoft Office 2024 comes with Word, Excel, PowerPoint, and more, and a lifetime license is only $130

May 30, 2026
Windows Central

This Dell laptop comes with a free year of Microsoft 365, Xbox Game Pass, and a custom Xbox controller — for under $800

The Dell 16 Plus is heavily discounted right now for eligible students. The deal also includes free Microsoft 365, Xbox Game Pass, and a custom Xbox controller.

May 29, 2026
Thurrott

Microsoft 365 Copilot App Gets a New Design and Performance Improvements

Microsoft 365 Copilot, the enterprise version of Microsoft’s AI chatbot, has just received a fresh coat of paint and some performance improvements. The post Microsoft 365

May 29, 2026
Help Net Security

Microsoft 365 Copilot redesign brings context and actions into one workspace

Microsoft 365 Copilot, an AI assistant that helps people write, summarize, analyze information, and complete work tasks, has been redesigned. It now serves as a single, flexible entry point to Copilot across Microsoft 365 apps, suggesting relevant actions based on the user’s work. A redesig

May 29, 2026
Neowin

Microsoft 365 Copilot gets a major redesign and performance boost

Microsoft is rolling out a cleaner and faster Microsoft 365 Copilot redesign with smarter contextual UI and improved response times

May 29, 2026
The VergeMajor Publication

Microsoft 365 Copilot gets a speed boost and cleaner design

Microsoft is launching a revamped version of Microsoft 365 Copilot, offering a cleaner design that the company claims loads twice as fast. As part of this update, Copilot will provide more reliable and structured responses that are easier to scan, according to Microsoft. The redesign, which is rolli

May 28, 2026
TechRadarTech Media

The FBI warns Microsoft 365 services are being bombarded with new phishing emails — here are 3 steps you can take to stay safe

Kali365 is abusing legitimate Microsoft login mechanisms to hijack Outlook, Teams, and OneDrive services.

May 28, 2026
NYPost

FBI sounds alarm on phishing tool that steals Microsoft 365 accounts without passwords

The feds say that Kali365 makes it easy for even amateur hackers to run advanced phishing scams that used to require serious technical skills.

May 28, 2026
Neowin

Microsoft 365 Copilot clears AI security audit once again

Microsoft 365 Copilot has passed another external ISO 42001 audit with zero issues as Microsoft highlights major AI governance chang

May 28, 2026
WinBuzzer

Microsoft Is Redesigning Copilot as a Quieter, Coordinated Workflow Layer Across Microsoft 365

Microsoft is building a quieter desig

May 27, 2026
American Banker

FBI: Phishing-as-a-service kit hijacks Microsoft 365

Regulators pushed banks toward multifactor authentication. A new phishing-as-a-service kit, flagged by the FBI, is built to slip right past it.

May 27, 2026
How To Geek

Google’s office apps are free, but I still pay for Microsoft 365 for these 4 reasons

To each their own?

May 27, 2026
Neowin

Microsoft 365 Copilot Notebooks gets new tools to turn documents into mind maps and more

The refreshed interface of Copilot Notebooks in the Microsoft 365 Copilot app now consolidates chats, creations, and references in a single locat

May 26, 2026
CyberInsider

FBI warns of Kali365 phishing kit targeting Microsoft 365 accounts

The FBI has issued a warning about a phishing-as-a-service (PhaaS) platform known as “Kali365” that is being used to compromise Microsoft 365 accounts through sophisticated phishing and adversary-in-the-middle (AiTM) attacks. According to a public advisory published by the FBI’s Internet Crime Co

May 26, 2026
Quartz

FBI warned Microsoft 365 users about a new phishing tool that bypasses two-factor authentication

The Kali365 platform, distributed via Telegram since April, lets attackers steal OAuth tokens and access Outlook, Teams, and OneDrive without a password

May 26, 2026
Android Police

I tried switching to Microsoft 365, but this one Google feature pulled me back

After a month on Microsoft 365, Gemini's loop pulled me back

May 25, 2026
BleepingComputer

FBI warns of Kali365 phishing service targeting Microsoft 365 accounts

The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass multi-factor authentication (MFA). [...]

May 25, 2026
Infosecurity Magazine

FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens

The Kali365 phishing-as-a-service platform lowers the barrier of entry for cybercriminals, said the FBI

May 25, 2026
The Cyber Express

FBI Flags Kali365 as New Phishing Threat Targeting Microsoft 365 Users

The

May 25, 2026
CyberScoop

FBI warns about fast-growing phishing kit targeting Microsoft 365 users

Kali365, which was first observed in April, abuses legitimate Microsoft device authorization pages to grant persistent access to cybercriminal-controlled applications. The post FBI warns about fast-growing ph

May 22, 2026
The Record

FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks

The law enforcement agency published an advisory on Thursday about Kali365 — a Telegram-based service for cybercriminals that allows them to capture legitimate "OAuth" tokens enabling widespread access to Microsoft 365 environments.

May 22, 2026
Hackread

FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Account

FBI warns of Kali365, a PaaS scam kit that lets cybercriminals bypass MFA and hijack Microsoft 365 accounts without passwords.

May 22, 2026
Cybernews

OpenDesk is not yet a fully-fledged alternative to Microsoft 365

OpenDesk is not yet a fully-fledged alternative to Microsoft 365 <fon

May 22, 2026
Cybersecurity News

FBI Warns of Kali365 Attacking Microsoft 365 Users to Steal Logins and Bypass MFA

The FBI has issued a new cybersecurity warning about a rapidly emerging phishing-as-a-service (PhaaS) platform named Kali365, which is actively targeting Microsoft 365 users to steal access tokens and bypass multi-factor authentication (MFA). Kali365 is being distributed primarily through Telegra

May 22, 2026
Help Net Security

Microsoft 365 users targeted by new phishing threat that bypasses MFA

Microsoft 365 access tokens are being targeted by an emerging Phishing-as-a-Service (PhaaS) platform called Kali365, the FBI is warning. First observed in April 2026, Kali365 has been distributed through Telegram, allowing cybercriminals to obtain Microsoft 365 access tokens and bypass MFA withou

May 22, 2026
GBHackers

FBI Warns Kali365 PhaaS Platform Targets Microsoft 365 Users to Steal Logins

The U.S. Federal Bureau of Investigation (FBI) has issued a Public Service Announcement (Alert I-052126-PSA) warning about a newly identified Phishing-as-a-Service (PhaaS) platform named Kali365, which is actively targeting Microsoft 365 users. First observed in April 2026, the platform enables a

May 22, 2026
GBHackers

Hackers Exploit Entra ID Accounts to Steal Microsoft 365, Azure Data

Hackers Abuse Microsoft Entra ID Accounts to Exfiltrate Microsoft 365 and Azure Data. A highly sophisticated cyberattack campaign carried out by a threat actor tracked as Storm-2949, targeting Microsoft Entra ID accounts to steal sensitive data from Microsoft 365 and Azure environments. Instead o

May 19, 2026
Cybersecurity News

Hackers Abuse Microsoft Entra ID Accounts to Exfiltrate Microsoft 365 and Azure Data

A compromised version of the widely used Nx Console VS Code extension was published to the Visual Studio Code Marketplace on May 18, 2026, silently targeting developer credentials, cloud infrastructure tokens, and CI/CD pipeline secrets across thousands of machines. The incident marks the second

May 19, 2026
The Cyber Express

Microsoft Details Storm-2949 Cloud Attack on Azure and Microsoft 365

Microsoft Threat Intel

May 19, 2026
eSecurity Planet

Device Code Phishing Targets Microsoft 365 Users

Proofpoint warns that device code phishing attacks are rapidly growing across Microsoft 365 environments. The post Device Code Phishing Targets Microsoft 365 Users appeared first on <a

May 18, 2026
BleepingComputer

Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack Microsoft 365 accounts. [...]

May 17, 2026
Cybersecurity News

Hackers Abuse OAuth Device Authorization Flow to Steal Microsoft 365 Tokens

Hackers are exploiting a little-known feature of Microsoft’s authentication system to steal account credentials at scale. Device code phishing campaigns now target organizations worldwide by manipulating the OAuth device authorization flow, turning a security feature into a major vulnerabil

May 15, 2026
GBHackers

Hackers Exploit OAuth Device Flow to Steal Microsoft 365 Tokens

Hackers are rapidly weaponizing a little-known Microsoft authentication feature to hijack enterprise accounts, as device code phishing surges across the threat landscape. The spike in activity is closely tied to the public release of criminal toolkits and phishing-as-a-service (PhaaS) platforms,

May 15, 2026
CMOtech UK

Workday brings HR & finance tasks into Microsoft 365

Employees can now handle leave, payslip and expense queries without leaving Microsoft 365, as Workday pushes HR and finance work into Copilot.

May 14, 2026
Blockonomi

Anthropic Unveils Claude for Small Business with QuickBooks and Microsoft 365 Integration

Anthropic's Claude for Small Business integrates with QuickBooks and Microsoft 365, while legal AI tools expand. Revenue run rate soars to $30 billion. The post Anthr

May 13, 2026
XDA Developers

I canceled Microsoft 365, and I was wrong to dread it

I kept putting off canceling my subscription, fearing a chaotic outcome, but weeks after canceling, things are better than ever.

May 13, 2026
Windows Central

New Copilot keyboard shortcuts are coming to Microsoft 365

Microsoft is standardizing Copilot access across Windows, Mac, and Web by replacing varied app triggers with a single floating UI and the Alt + C shortcut.

May 12, 2026
GBHackers

Microsoft 365 Copilot Flaws Could Let Attackers Access Sensitive Data

Microsoft has disclosed a trio of critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. Released on May 7, 2026, these security flaws pose a substantial risk to enterprise data privacy and corporate confidentiality. If successfully exp

May 11, 2026

Toolradar Research

See Microsoft 365 in context: The SaaS Press Index 2026

We analyzed 6,704 press mentions across 290 outlets to rank which SaaS tools win coverage. Find Microsoft 365's position relative to the 488 most-covered tools.

Read the report

Explore Microsoft 365

Press coverage is one signal. See the full picture.