Read the original article at https://blog.knowbe4.com/the-ghost-in-the-machine-how-a-multi-stage-phishing-campaign-evades-security-to-steal-microsoft-365-credentials
Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke
Since November 3, 2025, KnowBe4 Threat Labs has been monitoring a highly sophisticated, multi-stage phishing operation that is actively targeting organizations to steal employees’ Microsoft 365 credentials. The campaign has been engineered to bypass traditional email security defenses, such as secure email gateways (SEGs), and multi-factor authentication (MFA) tools.
Read the original article at https://blog.knowbe4.com/the-ghost-in-the-machine-how-a-multi-stage-phishing-campaign-evades-security-to-steal-microsoft-365-credentials