#8
BleepingComputer
general
July 14, 2026 at 12:49 UTC
New phishing kits target Microsoft 365 accounts, evade MFA
By Bill Toulas
AI Summary
Two newly identified phishing kits, Jalisco and OmegaLord, are actively targeting Microsoft 365 accounts using adversary-in-the-middle techniques to bypass multi-factor authentication. The kits intercept session tokens in real time, rendering standard MFA ineffective against credential theft. Their discovery reinforces findings from a separate Dark Reading report showing MFA was deployed but failed in 97% of credential-based ransomware attacks last year.
Relevance score: 80.0/100
Sponsored
Protect Your Business
Expert cybersecurity solutions to safeguard your organization from evolving threats.
Get Protected →