• Alerts
  • Events
  • DCR
    • Explore Cyware Products
    Alerts Events DCR
    Go to listing page

    Microsoft 365 'Direct Send' abused to send phishing as internal users

    • Threat Intel & Info Sharing
    • June 26, 2025
    • bleepingcomputer
    A phishing campaign is actively exploiting Microsoft 365's "Direct Send" feature to send spoofed internal emails and steal user credentials. Direct Send, which allows unauthenticated email sending via a tenant's smart host, is a known security risk.
    Read More
    • Microsoft 365
    • Direct Send
    Cyware Publisher

    Publisher

    Previous

    US, France crack down on BreachForums with arrests, Int ...

    Incident Response, Learnings

    Next

    Critical Open VSX Registry Flaw Exposes Millions of Dev ...

    Malware and Vulnerabilities


    RESOURCES
    Cyber Fusion Center Guide
    EVENTS

    News and Updates, Hacker News

    Get in touch with us now!

    1-855-692-9927


    Download Cyware Social App

    Terms of Use Privacy Policy © 2023