The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver malware called NarwhalRAT.

"The attack email contained a message impersonating an MS account security alert," the Genians Security Center (GSC) said. "It was designed to create concern over possible



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/06/fake-microsoft-alerts-used-to-deploy.html