Huntress has identified an active phishing campaign targeting Microsoft 365 users, originating from Railway and using AI‑generated, personalized lures to steal credentials. We recommend reviewing sign‑in logs for the listed IP ranges and mitigating risk by blocking device code authentication and denying access from those sources.
Read More