A new phishing-as-a-service platform called Forg365 is built to steal Microsoft 365 accounts, combining adversary-in-the-middle and device-code phishing with AI-generated lures created directly in its control panel. Researchers at ZeroBEC found the panel lets operators build campaigns, configure malicious OAuth apps, generate and refine phishing emails with AI, and monitor compromised mailboxes for keywords, all in one place. It also ships a browser extension that silently refreshes session cookies through an OAuth flow, giving attackers ongoing access without re-authenticating. The operators deliver lures posing as business documents, using legitimate email-sending infrastructure to slip past filters. The researchers note AI is lowering the cost of both writing phishing content and building phishing platforms.