Attackers found a new way around MFA.

## Executive Summary The CyberWire Daily roundup highlights multiple active and emerging cyber threats: an FBI warning about the Kali365 phishing service targeting Microsoft 365 accounts, Iran-linked phishing and SEO poisoning campaigns aimed at US aviation, discovery of thousands of potential OSS vulnerabilities, a large-scale GitHub backdoor/supply-chain campaign (Megalodon) affecting many repositories, exploitation of a KnowledgeDeliver zero-day to deploy web shells, and arrests tied to bulletproof hosting used by Russian-aligned actors. These items indicate ongoing phishing, supply-chain compromise, zero-day exploitation, and criminal hosting infrastructure activity that pose cross-sector risks.