Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accounts
Bleeping Computer
by Bill ToulasFebruary 11, 2026
The AgreeTo add-in for Outlook has been hijacked and turned into a phishing kit that stole more than 4,000 Microsoft account credentials.
Verticals
securitytech
Originally published on Bleeping Computer on 2/11/2026