**HEADLINE:** FBI Issues Cybersecurity Alert Regarding Critical Outlook and OneDrive Vulnerabilities
**WASHINGTON, D.C.** — The Federal Bureau of Investigation (FBI) has issued an urgent cybersecurity advisory concerning the Microsoft Outlook and OneDrive applications.
**WHO:** The Federal Bureau of Investigation, in coordination with the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency (CISA).
**WHAT:** A primary threat alert regarding two critical security vulnerabilities. The FBI reports that malicious actors are actively exploiting these weaknesses to gain unauthorized remote access to government, corporate, and personal systems. The attack vector involves a sophisticated phishing campaign designed to circumvent standard multi-factor authentication protocols. Upon compromising an account via malicious email links, perpetrators execute a "consent phishing" attack within OneDrive, granting themselves persistent access to stored files and enabling lateral network movement.
**WHEN:** The alert was disseminated to critical infrastructure partners at 10:00 AM Eastern Standard Time today.
**WHERE:** The vulnerabilities are present in all current internet-connected versions of Microsoft Outlook and Microsoft OneDrive. Officials warn the threat is global, with initial targets concentrated in the energy, finance, and defense sectors of North America and Western Europe.
**WHY:** The FBI advises that immediate action is required to prevent data exfiltration and the potential deployment of ransomware. The agency has detected an increase in "zipper file" phishing emails—specifically password-protected ZIP archives—designed to evade automated security scanning by email gateways.
**OFFICIAL STATEMENT:** The Bureau strongly recommends all users immediately enable advanced phishing protection in multi-factor authentication settings, avoid opening external password-protected ZIP files received via email, and restrict OAuth application consent within organizational OneDrive administration portals. A full list of indicators of compromise has been published on the CISA website.
This is a developing story. The FBI encourages any entities detecting anomalous activity to report it to their local field office or the Internet Crime Complaint Center.