North Korean group deploys malware via fake Microsoft alerts

The state-sponsored hacking group ScarCruft, linked to North Korea, is conducting spear-phishing attacks. These campaigns mimic Microsoft Account security notifications to distribute NarwhalRAT malware. The objective is to create a false sense of urgency, thereby deceiving recipients into opening malicious attachments and compromising their systems.