Information Security magazine highlights research from Certitude on the First Contact Safety Tip within Microsoft 365. By exploiting a Cross-Site Scripting (CSS) flaw, the user is unaware of the sender being unverified. Microsoft acknowledged the issue but offered no immediate plans to fix it.