Malicious Actors Exploit SharePoint to Distribute Phishing Attacks Targeting the Energy Sector

Malicious actors are exploiting Microsoft's SharePoint file-sharing service to distribute malicious payloads as part of Adversary-in-the-Middle (AitM) phishing and Business Email Compromise (BEC) attacks targeting the energy sector. Attackers are using SharePoint as a delivery vector for their phishing campaigns, leveraging the legitimacy of Microsoft's service to bypass security measures.