The Threat Codex
Riding the Rails: Threat Actors Abuse Railway.com PaaS as Microsoft 365 Token Attack Infrastructure
#EvilTokens #Railway
https://www.huntress.com/blog/railway-paas-m365-token-replay-campaign
Threat Actors Abuse Railway.com PaaS as Microsoft 365 Token Attack Infrastructure | Huntress

Railway PaaS is being weaponized as a clean token replay engine in an active AiTM and device code phishing campaign impacting 268+ M365 organizations and 100+ MSPs.

Huntress
Mar 27 at 8:25pmWeb