top of page
ALL POSTS
FBI Alert: Kali365 Phishing Kit Rapidly Targeting Microsoft 365 Users
Key Findings FBI issued public service announcement about Kali365, a phishing-as-a-service platform targeting Microsoft 365 users since April 2026 Platform bypasses multi-factor authentication by abusing OAuth device code authorization flows Kali365 lowers technical barriers for cybercriminals by providing AI-generated phishing lures, automated templates, and real-time tracking dashboards Captured OAuth tokens grant persistent access to Microsoft 365 accounts, enabling data t
May 223 min read
CISA and BSI Alert Organizations to Critical PTC Windchill and FlexPLM Vulnerability
Key Findings CISA and BSI issued critical warning for CVE-2026-4681 affecting PTC Windchill and FlexPLM with CVSS score of 10.0 No patches available at time of advisory; exploitation could be imminent according to German media reports Remote Code Execution vulnerability exploitable through deserialization of untrusted data German police conducted unprecedented physical visits to companies to warn administrators, some at 3:30 AM PTC released indicators of compromise despite st
Mar 282 min read
bottom of page
