Summary:
- Hackers have found a way to abuse Microsoft 365 to send phishing emails that appear to come from within an organization.
- The hackers are exploiting a feature in Microsoft 365 called "Direct Send" to bypass security measures and deliver malicious emails.
- This attack allows hackers to gain access to sensitive information and potentially compromise the entire organization's network.