mfa-bypass
Safeguard articles tagged "mfa-bypass" — guides, analysis, and best practices for software supply chain and application security.
4 articles
FBI Warns on Kali365: A PhaaS Kit That Steals M365 OAuth Tokens and Bypasses MFA (May 2026)
The FBI's May 21, 2026 IC3 advisory details Kali365, a Telegram-distributed phishing-as-a-service kit that uses device-code phishing to capture Microsoft 365 access and refresh tokens, granting password-free, MFA-immune persistence.
The 'Code of Conduct' Phishing Wave: AiTM Token Theft Hit 13,000 Orgs (May 2026)
Microsoft detailed a polished phishing campaign that weaponized fake HR 'code of conduct' investigations to steal session tokens via adversary-in-the-middle proxies, bypassing MFA across 13,000+ organizations in 26 countries.
The Vercel Breach: A Forgotten OAuth Grant Became a SaaS Supply-Chain Pivot (May 2026)
An infostealer infection at AI startup Context.ai let attackers reuse a Vercel employee's months-old Google Workspace OAuth grant to bypass MFA and exfiltrate customer environment variables. Disclosed April 2026, the fallout deepened through May.
Multi-Factor Authentication Bypass via Privilege Escalation
Attackers increasingly skip cracking MFA altogether — they escalate privileges around it. Real cases from Microsoft, Uber, and SolarWinds show how, and what actually stops it.