The North Korean state-sponsored hacking group known as
ScarCruft (aka APT37) has been observed using spear-phishing
messages impersonating Microsoft Account security notifications to
deliver malware called NarwhalRAT. "The attack email contained a
message impersonating an MS account security alert," the Genians
Security Center (GSC) said. "It was designed to create concern over
possible
Read more https://thehackernews.com/2026/06/fake-microsoft-alerts-used-to-deploy.html
