#10
The Hacker News
general
July 13, 2026 at 13:03 UTC
Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft
By [email protected] (The Hacker News)
AI Summary
Forg365, a new phishing-as-a-service platform sold via Telegram for $400/month or $3,800/year, combines device code phishing, adversary-in-the-middle session theft, AI-generated lures, and antibot evasion to compromise Microsoft 365 accounts. Security teams should update conditional access policies and monitor for device code flow abuse, as the low cost of entry makes this toolkit accessible to a wide range of threat actors.
Relevance score: 73.0/100
Sponsored
Protect Your Business
Expert cybersecurity solutions to safeguard your organization from evolving threats.
Get Protected →