Cybersecurity experts have identified a phishing kit called “SessionShark” that can bypass Office 365’s multi-factor authentication (MFA). This tool steals session tokens, allowing attackers to acces…