TI Mindmap HUB
Threat Intelligence Report

Token Bingo: Don’t Let Your Code be the Winner

📅 May 1, 2026 📰 arcticwolf.com 🔍 0 CVE(s) referenced

A sophisticated, large-scale device code phishing campaign leveraging Kali365’s phishing-as-a-service platform is enabling threat actors to hijack Microsoft 365 accounts by tricking victims into authorizing malicious sessions, bypassing traditional credential defenses and extending attacker dwell time.

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle