https://news.excello.email/tags/microsoft-365/Recent content in Microsoft-365 on Daily DMARC NewsHugoen-USTue, 09 Jun 2026 08:00:00 +0000https://news.excello.email/posts/2026-06-09-microsoft-365-direct-send-exploit-dmarc-bypass/Tue, 09 Jun 2026 08:00:00 +0000https://news.excello.email/posts/2026-06-09-microsoft-365-direct-send-exploit-dmarc-bypass/<p>A phishing campaign uncovered by Varonis Threat Labs targeted more than 70 organizations &ndash; predominantly in the United States &ndash; by exploiting a legitimate Microsoft 365 feature in a way most security teams had not anticipated. The attack required no stolen credentials, no compromised account, and no software vulnerability in the traditional sense. It required a predictable endpoint, permissive mail routing, and an incomplete understanding of how Microsoft 365 processes mail that arrives through its own infrastructure.</p>