Microsoft 365

Subscribe to Microsoft 365 via RSS

As we have warned before, threat actors using QR codes in attacks against victims continue to rise. To illustrate the risk, on January 8, 2026, the FBI issued a FLASH alert, entitled “North Korean Kimsuky Actors Leverage Malicious QR Codes in Spearphishing Campaigns Targeting U.S. Entities.”

The alert warns that North Korean state-sponsored actors (Kimsuky)

In a recent blog post, KnowBe4 reported that it has “uncovered an emerging advanced phishing campaign targeting Microsoft 365 users globally to steal their credentials. The attackers are wielding a powerful new tool that’s completely changing the game for cybercriminals—turning what used to be complex, technical phishing setups into simple one-click launches that can bypass

Dark Reading reports that thousands of college and university students are being targeted by cyber-attackers who are using a legitimate domain to impersonate Instagram and steal credentials of the users. The attack is able to evade security measures of Microsoft 365 and Exchange.

According to the report, “The socially engineered attack, which has targeted nearly

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) recently released a free tool that will assist organizations with identifying indicators of compromise following threat activity in Microsoft 365 and Azure Environments.

The new CISA Hunt and Incident Response Program (CHIRP) tool, “is a forensics collection tool that CISA developed to help network