> TritonInfoSec News
Home / Jun 17, 2026 / Story
0
#9 The Hacker News general June 16, 2026 at 08:14 UTC

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

By [email protected] (The Hacker News)

AI Summary

North Korean APT37 (ScarCruft) was observed delivering a new RAT called NarwhalRAT via spear-phishing emails impersonating Microsoft Account security alerts, according to Genians Security Center. The campaign leverages social engineering around fake account compromise notifications to trick targets into executing the malware payload.

Read full article → https://thehackernews.com/2026/06/fake-microsoft-a…

Relevance score: 76.0/100

# More from June 17

  1. 1
    Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week The Hacker News
  2. 2
    China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth The Hacker News
  3. 3
    Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw The Hacker News
  4. 4
    Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails The Hacker News
  5. 5
    One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes The Hacker News
  6. 6
    Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages SecurityWeek
  7. 7
    CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation The Hacker News
  8. 8
    Ransomware gang abuses Microsoft Teams relays to hide malicious traffic BleepingComputer
  9. 10
    OptinMonster WordPress plugin hacked in CDN supply-chain attack BleepingComputer