New Delhi, June 16 -- The Federal Bureau of Investigation (FBI) has issued a public warning about a newly identified cybercrime platform called Kali365, a "Phishing-as-a-Service" (PhaaS) toolkit that is being used to target Microsoft 365 users by bypassing multi-factor authentication (MFA) protections.

The platform, first detected in April 2026, is being actively distributed through Telegram channels and is designed to help even low-skilled attackers conduct sophisticated phishing campaigns.

Kali365 is a cybercrime subscription service that allows threat actors to carry out automated phishing attacks against cloud-based accounts, particularly Microsoft 365 environments.

According to the FBI, the platform provides attackers with ready-m...