Here is your viral news snippet on the FBI alert regarding Outlook and OneDrive.
---
**🚨 FBI DROPS BOMBSHELL ALERT: Your Outlook & OneDrive Are Under Active Attack**
The FBI and CISA have just issued a rare, urgent "Emergency Directive" warning of a massive, coordinated cyberattack targeting Microsoft 365. Here are the **Top 5 things you need to know right now:**
- **The Hacking is Automated:** Hackers are using a **"oAuth" abuse technique** to steal your login tokens, not your passwords. This means they can bypass your Multi-Factor Authentication (MFA) completely, appearing as a trusted app to Microsoft.
- **OneDrive is the Highway:** The primary target is to gain access to **OneDrive**. Once inside, attackers use a tool called "GraphRunner" to automatically search your cloud files, emails, and contacts for sensitive data and financial info.
- **Outlook is the Weapon:** After compromising your OneDrive, the hackers instantly set up invisible **Outlook rules**. They auto-forward every email regarding *wire transfers, invoices, or passwords* to an external account—without you ever seeing it.
- **The "Stealth Mission" is Complete:** Because the attack uses **legitimate refresh tokens**, even if you change your password, the hackers still have access. You won't see a suspicious login location on your account history because it looks like *you* are using the service.
- **Your Emergency Action:** **Do NOT** just reset your password. Go to **Azure AD > Enterprise Applications** and manually **revoke all "oAuth" consents** you don't recognize. Look specifically for any app named "Graph" or "Microsoft Graph Command Line Tools" that you didn't install.
**Bottom Line:** If you got an email that looked "phishy" last week, and you use OneDrive, check your Outlook rules *immediately*. This is