Home / Jul 16, 2026 / Story
0
#8 BleepingComputer general July 14, 2026 at 12:49 UTC

New phishing kits target Microsoft 365 accounts, evade MFA

By Bill Toulas

AI Summary

Two newly identified phishing kits, Jalisco and OmegaLord, are actively targeting Microsoft 365 accounts using adversary-in-the-middle techniques to bypass multi-factor authentication. The kits intercept session tokens in real time, rendering standard MFA ineffective against credential theft. Their discovery reinforces findings from a separate Dark Reading report showing MFA was deployed but failed in 97% of credential-based ransomware attacks last year.

Relevance score: 80.0/100

# More from July 16