A number of suspected Russia-linked risk actors are “aggressively” concentrating on people and organizations with ties to Ukraine and human rights with an intention to achieve unauthorized entry to Microsoft 365 accounts since early March 2025.
The extremely focused social engineering operations, per Volexity, are a shift from beforehand documented assaults that leveraged a way referred to as system code
Russian Hackers Exploit Microsoft OAuth to Goal Ukraine Allies through Sign and WhatsApp
