Microsoft 365 Archives • Daily CyberSecurity

FBI Issues Alert on Kali365 Phishing Platform Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

FBI Issues Alert on Kali365 Phishing Platform

Do Son May 27, 2026

The Federal Bureau of Investigation (FBI) recently issued an urgent public service announcement regarding a dangerous new...

Resurgent Tycoon 2FA Adopts OAuth Device Code Phishing to Hijack Microsoft 365 Tycoon 2FA Phishing Kit OAuth Device Code Phishing

Resurgent Tycoon 2FA Adopts OAuth Device Code Phishing to Hijack Microsoft 365

Do Son May 19, 2026

Just weeks after a massive international law enforcement operation dismantled its primary server infrastructure, the notorious Tycoon...

AI “Vibe Coding” Fuels a Phishing Free-For-All: How EvilTokens Bypasses Microsoft 365 MFA Device Code Phishing EvilTokens PhaaS

AI “Vibe Coding” Fuels a Phishing Free-For-All: How EvilTokens Bypasses Microsoft 365 MFA

Do Son May 19, 2026

A once-obscure technique for bypassing multifactor authentication is exploding across the threat landscape, supercharged by AI “vibe...

AWS Launches “Amazon Quick” to Bridge the Gap Between Desktop and Cloud Amazon Quick AI assistant

AWS Launches “Amazon Quick” to Bridge the Gap Between Desktop and Cloud

Do Son April 29, 2026

As generative artificial intelligence descends from the nebulous clouds to the tangible desktop, AWS has finally unveiled...

Attackers Weaponize Mailbox Rules to Control Your Inbox M365 Persistence Malicious Mailbox Rules

Attackers Weaponize Mailbox Rules to Control Your Inbox

Do Son April 15, 2026

In the modern landscape of Microsoft 365 security, the most dangerous threat might not be a sophisticated...

The Final Countdown: Microsoft Sets October 2026 for Office 2021 Support Shutdown Office 2021 End of Life CVE-2024-21413 KB5002700 Office 2016 Update

Office 2021 End of Life CVE-2024-21413 KB5002700 Office 2016 Update

The Final Countdown: Microsoft Sets October 2026 for Office 2021 Support Shutdown

Do Son April 14, 2026

In accordance with Microsoft’s product lifecycle roadmap, both Microsoft Office 2021 and the Microsoft Office 2021 LTSC...

The Sunset of Speed: Microsoft Sets Final Shutdown Date for Outlook Lite on Android Outlook Lite Retirement 2026

The Sunset of Speed: Microsoft Sets Final Shutdown Date for Outlook Lite on Android

Do Son April 14, 2026

Microsoft has previously disclosed its intention to decommission the Outlook Lite email client for Android. Originally inaugurated...

Russian Military Hackers Hijack Thousands of Home Routers for Global Espionage Forest Blizzard DNS Hijacking

Russian Military Hackers Hijack Thousands of Home Routers for Global Espionage

Do Son April 8, 2026

In a sophisticated campaign uncovered by Microsoft Threat Intelligence, a notorious Russian military-linked threat actor known as...

The Cloud-Only Safety Net: Microsoft to Bypass Local Recycle Bins in Major OneDrive Overhaul OneDrive cloud deletion 2026 OneDrive Facial Recognition, Three-Time Limit OneDrive Suspension, Data Loss

OneDrive cloud deletion 2026 OneDrive Facial Recognition, Three-Time Limit OneDrive Suspension, Data Loss

The Cloud-Only Safety Net: Microsoft to Bypass Local Recycle Bins in Major OneDrive Overhaul

Do Son April 8, 2026

According to Microsoft’s announcement in the Microsoft 365 Admin Center (MC1269861), commencing in May 2026, files deleted...

Iran-Linked “Password Spraying” Targets Municipal Response to Missile Strikes Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Iran-Linked “Password Spraying” Targets Municipal Response to Missile Strikes

Do Son April 6, 2026

Check Point Research (CPR) has been tracking an extensive password-spraying operation targeting Microsoft 365 environments, conducted by...

The May Inquisition: UK Regulators to Probe if Microsoft’s “AI Super-Ecosystem” is Stifling the Cloud Microsoft Strategic Market Status investigation Dell CES 2026 AI PC marketing, Microsoft Copilot+ PC consumer apathy Microsoft AI Sales Quota Enterprise AI Demand Edge Copilot, AI browsing

Microsoft Strategic Market Status investigation Dell CES 2026 AI PC marketing, Microsoft Copilot+ PC consumer apathy Microsoft AI Sales Quota Enterprise AI Demand Edge Copilot, AI browsing

The May Inquisition: UK Regulators to Probe if Microsoft’s “AI Super-Ecosystem” is Stifling the Cloud

Do Son April 2, 2026

The United Kingdom’s Competition and Markets Authority (CMA) has once again trained its regulatory magnifying glass upon...

The Windows 11 Civil War: Native Performance Returns While the Microsoft Account Mandate Rages On Windows 11 OOBE Microsoft account bypass

The Windows 11 Civil War: Native Performance Returns While the Microsoft Account Mandate Rages On

Do Son March 23, 2026

Last week, Microsoft issued an official communique heralding a profound metamorphosis of the Windows 11 architecture, slated...

“Exfil Out&Look” Flaw Lets Spies Steal Emails via OWA Undetected Exfil Out&Look Microsoft 365 Logging Gap Outlook Classic KB5074109 freeze, January 2026 POP3 PST bug Outlook Classic POP3 freeze, KB5074109 Windows 11 bug Outlook, CPU Usage Outlook lag Outlook Lite discontinued

Exfil Out&Look Microsoft 365 Logging Gap Outlook Classic KB5074109 freeze, January 2026 POP3 PST bug Outlook Classic POP3 freeze, KB5074109 Windows 11 bug Outlook, CPU Usage Outlook lag Outlook Lite discontinued

“Exfil Out&Look” Flaw Lets Spies Steal Emails via OWA Undetected

Do Son February 2, 2026

A gaping blind spot in Microsoft 365’s logging capabilities allows attackers to steal sensitive emails without leaving...

Excel’s New Brain: Agent Mode Brings GPT-5.2 and Claude 4.5 to Desktop Microsoft Excel Agent Mode 2026, Copilot model selector GPT-5.2 Claude 4.5

Excel’s New Brain: Agent Mode Brings GPT-5.2 and Claude 4.5 to Desktop

Do Son January 29, 2026

The AI Agent framework, underpinned by Microsoft Copilot, has previously graced the web-based iteration of Excel. This...

Microsoft Warns of Surge in Internal Domain Spoofing Internal Phishing Attacks Tycoon2FA

Microsoft Warns of Surge in Internal Domain Spoofing

Do Son January 7, 2026

A wave of sophisticated phishing attacks is hitting organizations by exploiting a classic weakness: the trust users...

Hackers Weaponize npm to Hunt Critical Infrastructure Sales Teams Supply Chain Phishing, npm Abuse

Hackers Weaponize npm to Hunt Critical Infrastructure Sales Teams

Do Son December 25, 2025

A new investigation by The Socket Threat Research Team has uncovered a sophisticated spear-phishing operation that has...

Hackers Abuse “Device Codes” to Bypass Security and Seize Microsoft 365 Accounts Device Code Phishing, Microsoft 365 OAuth

Hackers Abuse “Device Codes” to Bypass Security and Seize Microsoft 365 Accounts

Do Son December 22, 2025

Cybercriminals have found a new way to turn corporate security protocols against themselves, weaponizing a legitimate Microsoft...

Sophisticated Okta SSO Phishing Bypasses Defenses to Steal Session Tokens With Salary Review Lures UAT-8099 BadIIS Malware Pacific Islands Forum Cyberattack

UAT-8099 BadIIS Malware Pacific Islands Forum Cyberattack

Sophisticated Okta SSO Phishing Bypasses Defenses to Steal Session Tokens With Salary Review Lures

Do Son December 12, 2025

Just as employees begin anticipating their year-end performance reviews, a sophisticated new phishing campaign has emerged, turning...

ToddyCat APT Steals Microsoft 365 Cloud Email by Dumping OAuth Tokens from Memory and Copying Locked OST Files ToddyCat OAuth Token Theft, Outlook OST Stealer

ToddyCat OAuth Token Theft, Outlook OST Stealer

ToddyCat APT Steals Microsoft 365 Cloud Email by Dumping OAuth Tokens from Memory and Copying Locked OST Files

Do Son November 25, 2025

Kaspersky Lab has published new findings revealing how the ToddyCat APT group has significantly upgraded its cyber-espionage...

Thunderbird 145: Native Microsoft Exchange Support Makes Outlook Migration Easy! Thunderbird for iOS Thunderbird Exchange Native EWS Support

Thunderbird 145: Native Microsoft Exchange Support Makes Outlook Migration Easy!

Do Son November 20, 2025

The Mozilla Foundation’s open-source email client Thunderbird has released version 145.0, introducing full, native support for Microsoft...

Critical Alert 1 Active Exploit Detected Today