Kali365 phishing platform targets Microsoft accounts

Kali365, a phishing-as-a-service platform also known as Octopi365 and Freedom365, targets Microsoft accounts. Detected by Huntress in May 2026, it uses AI and 33 built-in templates to steal session cookies and OAuth tokens, circumventing multi-factor authentication without directly compromising it.