ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Cybersecurity

Jalisco and OmegaLord phishing kits bypass Microsoft 365 MFA

Source headline: New phishing kits target Microsoft 365 accounts, evade MFA

Threat level High
Signal strength 75/100
Source confidence 1 source
Published 1 day ago

Intelligence Summary

Two phishing kits, Jalisco and OmegaLord, are being used against Microsoft 365 accounts. The campaigns rely on techniques designed to defeat multi-factor authentication rather than simply tricking for passwords. If successful, attackers can gain access to email and other Microsoft 365 resources. The activity highlights how MFA alone may not fully protect users from modern social engineering flows. Microsoft 365 administrators and users should review account activity and follow phishing-resistant protection guidance, including stronger conditional access and verification controls.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#credential-theft #account-takeover #phishing #microsoft-365 #mfa-bypass
Original reporting BleepingComputer New phishing kits target Microsoft 365 accounts, evade MFA
Open original source