Home / Jul 14, 2026 / Story
0
#10 The Hacker News general July 13, 2026 at 13:03 UTC

Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft

By [email protected] (The Hacker News)

AI Summary

Forg365, a new phishing-as-a-service platform sold via Telegram for $400/month or $3,800/year, combines device code phishing, adversary-in-the-middle session theft, AI-generated lures, and antibot evasion to compromise Microsoft 365 accounts. Security teams should update conditional access policies and monitor for device code flow abuse, as the low cost of entry makes this toolkit accessible to a wide range of threat actors.

Relevance score: 73.0/100

# More from July 14