The Hacker News

Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft

PhishingHighphishing

Forg365, a phishing-as-a-service platform sold on Telegram for $400/month, targets Microsoft 365 accounts using device code phishing, AitM session theft, and AI-generated lures, followed by mailbox compromise. This threatens organizations relying on Microsoft 365 email and poses significant risk to email security defenders.

AI summary · generated with Claude

https://thehackernews.com/2026/07/forg365-phaas-targets-microsoft-365.html