All CosmicBytez Labs articles tagged #Microsoft 365, across news, security advisories, how-to guides, and projects.
An attacker's operational security mistake — leaving a Python HTTP server and .bash_history exposed on a public port — allowed researchers to uncover three simultaneous Evilginx phishing campaigns targeting Microsoft 365 credentials.
Phishing kits now fingerprint victims via user-agent headers to deliver OS-specific payloads automatically — device code phishing attacks spiked 1,380% in...
A two-week password-spray campaign generated over 81 million Microsoft 365 login attempts against 64 organizations, exploiting misconfigured MFA policies...
DragonForce hides C2 inside Microsoft Teams relay traffic; a SearchLeak attack weaponizes M365 Copilot for one-click data exfiltration; iRhythm confirms...
The FBI has published an advisory on Kali365, a Telegram-based phishing-as-a-service platform that captures legitimate OAuth tokens to gain persistent...
The Tycoon2FA phishing-as-a-service platform has added device-code phishing to its arsenal and abuses Trustifi click-tracking URLs to bypass Microsoft 365...
A new iteration of the ConsentFix attack toolkit has surfaced on cybercriminal forums, adding automation and scaling capabilities to OAuth consent...
Eight settings inside the Microsoft 365 admin console that take less than two hours to configure and block 90% of the credential-based attacks targeting…
Device code phishing attacks abusing the OAuth 2.0 Device Authorization Grant flow have exploded 37-fold in 2026 as ready-made phishing kits proliferate...
Comprehensive security checklist for Microsoft 365 and Entra ID tenants — Conditional Access policies, MFA enforcement, audit logging, DLP configuration,...
Harden your Microsoft 365 tenant with security baselines, conditional access policies, data loss prevention, audit logging, and compliance configurations...
Implement a comprehensive security baseline for Microsoft 365 tenants covering identity protection, email security, endpoint management, data governance,...
Secure your Exchange Online environment with mail flow rules, anti-spam policies, DMARC enforcement, admin audit controls, and mailbox permission hardening.
Configure Windows Autopilot for zero-touch device deployment. Covers hardware hash import, deployment profiles, ESP configuration, and user-driven enrollment.