FBI Warns of Kali365 Phishing Tool Bypassing Microsoft 365 Multi-Factor Authentication
The FBI has issued a warning about Kali365, a phishing-as-a-service toolkit first detected in April 2026 that targets Microsoft 365 users by bypassing multi-factor authentication. Distributed via Telegram, Kali365 exploits Microsoft's OAuth device code flow to capture access tokens without stealing passwords, enabling attackers to access services like Outlook and Teams. The platform offers automated phishing tools and real-time tracking, lowering the skill barrier for cybercriminals and affecting sectors including healthcare, finance, and government.
First-hand measurement across 2 sources
We measured how 2 outlets covered this story. Coverage leans balanced overall (Left 0%, Centre 100%, Right 0%). Overall sentiment is neutral (38/100). Lens Score 35/100 — moderate-to-low public interest.
Outlets analysed (first-hand measurement by TBN's Bias Engine):
- freepressjournal— balanced framing, neutral sentiment
- mint— balanced framing, neutral sentiment
AI Analysis
The articles primarily present a technical cybersecurity issue without political framing. They focus on the FBI's warning and the mechanics of the Kali365 phishing tool, representing law enforcement and cybersecurity perspectives. There is no evident political bias, as the coverage centers on informing users about the threat and its implications across various sectors.
The overall tone is cautionary and informative, emphasizing the risks posed by Kali365 and the FBI's alert. The sentiment is neutral to slightly negative due to the nature of the cyber threat, focusing on raising awareness and advising vigilance without sensationalism or alarmism.
How 2 sources covered this story
Each source's own headline, political lean, and sentiment — so you can see framing differences at a glance.