security: Phishing actors exploit complex routing and misconfigurations to spoof domains

Microsoft reports that threat actors are abusing complex mail routing scenarios and misconfigured anti‑spoof protections to send phishing emails that are crafted to look like internally sent messages.

• Source: Microsoft Security Blog