AI-Driven Phishing Campaign Hits Hundreds of Organizations via Microsoft Cloud

A sophisticated phishing campaign leveraging artificial intelligence (AI) has compromised the Microsoft cloud accounts of hundreds of organizations worldwide, according to cybersecurity researchers at Huntress.

The attacks, which Huntress linked to infrastructure on the cloud-hosting platform Railway, abused Microsoft's device code sign-in flow, the OAuth flow intended for input-constrained devices such as smart TVs, printers, and terminals. In that flow the device only displays a short code; the user types it into Microsoft's genuine sign-in page and completes password and MFA there, and the resulting tokens are released to whichever client requested the code. An attacker who persuades a victim to enter a code the attacker generated therefore receives valid OAuth tokens, including a refresh token, and can keep access for up to 90 days without ever handling the victim's password or facing an MFA prompt. No flaw in Microsoft's implementation is involved; the flow works as designed.
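To make the mechanics concrete, here is a toy model of the OAuth 2.0 device authorization grant (RFC 8628) with all three roles in one process: the client that requests the code, the user who approves it in a browser, and the server that hands out tokens. This is an added example written for this page; it is neither Microsoft's implementation nor the tooling Huntress describes. The 15-minute code lifetime, the `https://login.example/device` URI and the token formats are assumptions chosen for the simulation; the 90-day refresh window is the figure the article gives.

```python
"""Toy model of the OAuth 2.0 device authorization grant (RFC 8628).
Added example for illustration; not Microsoft's implementation."""
import secrets
import time

DEVICE_CODE_TTL = 15 * 60            # assumed: device codes expire after 15 minutes
REFRESH_TOKEN_TTL = 90 * 24 * 3600   # the 90-day window the article describes


class AuthServer:
    """Stand-in for the identity provider. `clock` is injectable so a test can
    advance time without sleeping."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.pending = {}        # device_code -> request record
        self.by_user_code = {}   # user_code  -> device_code

    def device_authorization(self, client_id):
        """Step 1: the initiating client asks for a device code. No user
        credential is involved yet; any client can call this."""
        device_code = secrets.token_urlsafe(32)
        user_code = f"{secrets.token_hex(2).upper()}-{secrets.token_hex(2).upper()}"
        self.pending[device_code] = {
            "client_id": client_id,
            "user": None,
            "expires": self.clock() + DEVICE_CODE_TTL,
        }
        self.by_user_code[user_code] = device_code
        return {"device_code": device_code, "user_code": user_code,
                "verification_uri": "https://login.example/device", "interval": 5}

    def user_signs_in(self, user_code, user, mfa_passed):
        """Step 2: in the user's own browser, on the genuine sign-in page, the
        user types the short code and satisfies password + MFA. The server
        never learns who handed the user that code."""
        device_code = self.by_user_code.get(user_code)
        if device_code is None or device_code not in self.pending:
            return "invalid_code"
        rec = self.pending[device_code]
        if self.clock() > rec["expires"]:
            return "expired"
        if not mfa_passed:
            return "mfa_failed"
        rec["user"] = user
        return "ok"

    def token(self, device_code):
        """Step 3: the initiating client polls. Whoever holds device_code
        receives the tokens, regardless of who completed step 2."""
        rec = self.pending.get(device_code)
        if rec is None:
            return {"error": "invalid_grant"}
        if self.clock() > rec["expires"]:
            del self.pending[device_code]
            return {"error": "expired_token"}
        if rec["user"] is None:
            return {"error": "authorization_pending"}
        del self.pending[device_code]        # a device code is single use
        return {
            "token_type": "Bearer",
            "access_token": secrets.token_urlsafe(24),
            "refresh_token": secrets.token_urlsafe(24),
            "refresh_token_expires_in": REFRESH_TOKEN_TTL,
            "subject": rec["user"],
        }


def run_flow(server, client_id, user, mfa_passed=True):
    """Drive one complete exchange and return the final token response.
    The first poll always comes back pending: nothing is issued until the
    user has acted in the browser."""
    init = server.device_authorization(client_id)
    first_poll = server.token(init["device_code"])
    assert first_poll == {"error": "authorization_pending"}
    server.user_signs_in(init["user_code"], user, mfa_passed)
    return server.token(init["device_code"])


if __name__ == "__main__":
    srv = AuthServer()
    resp = run_flow(srv, client_id="some-public-client", user="alice@example.com")
    print(resp["subject"], "refresh token valid for",
          resp["refresh_token_expires_in"] // 86400, "days")
```

The point the simulation makes is in `token()`: the password and MFA checks happen in `user_signs_in()`, in the user's browser, and the only thing binding the resulting tokens to a caller is possession of `device_code`. That is why device-code phishing needs no credential theft and no MFA bypass, and why defenders should treat a device-code sign-in as a signal in its own right rather than relying on MFA having been satisfied.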

AI Powers Unique and Scalable Phishing Lures

Researchers observed that the phishing emails varied widely in content and format, including traditional lures, QR codes, and links to file-sharing sites. “There were no identical emails or domains,” said Rich Mozeleski, Huntress product manager. “We suspect AI tools were used to generate unique lures at scale.”

The campaign initially affected a few dozen targets daily, but starting March 3, 2026, the attack tempo surged significantly. Hundreds of organizations across multiple sectors—including construction, law, finance, healthcare, nonprofits, and government—have been compromised, though Huntress reports successfully blocking post-compromise activity in all monitored cases.

Railway Infrastructure Exploited

The attackers appear to have weaponized Railway’s Platform as a Service (PaaS), a tool designed to help non-coders launch websites and applications, to deploy credential-harvesting infrastructure. The phishing emails originated from Railway IPs, though it remains unclear whether Railway’s own AI tools were directly used in generating the phishing content.

In response, Railway blocked the associated accounts and domains after being alerted by Huntress on March 6. Solutions engineer Angelo Saraceno noted that the platform’s automated abuse detection is designed to balance security enforcement with avoiding false positives, though the recent campaign evaded many standard detection signals.

The Growing Role of AI in Cybercrime

Experts warn that generative AI is enabling even low-level cybercriminals to execute attacks at a scale previously reserved for advanced threat actors. “We are seeing crooks as the first movers of AI,” said Prakash Ramamurthy, Huntress Chief Product Officer. “They don’t have qualms about exploiting personal information or training models, and the pace of this campaign is a clear example.”

The campaign underscores the need for organizations to tighten cloud identity policies, verify that sign-ins arrive through the flows and devices a user is expected to use, and monitor for unusual authentication patterns, especially where AI-assisted lures are good enough to get past user-awareness defenses.

Huntress has also issued a conditional access policy update for 60,000 Microsoft cloud tenants to mitigate further abuse of Railway-hosted domains. Mozeleski emphasized that stricter vetting and oversight of free platform trials could help prevent similar attacks in the future.

Takeaways for Organizations

  • Monitor device-based sign-ins and OAuth token issuance, and alert when a user's first device-code sign-in arrives from an unfamiliar network, country, or application.
  • Train employees to recognise AI-generated phishing, including QR codes, unconventional file-sharing links, and any request to type a short code into a Microsoft sign-in page.
  • Review the abuse policies of third-party platforms the organization relies on, and report infrastructure being misused for automated attacks to the provider.
  • Use conditional access to block the device code flow for users who have no need for it, and apply adaptive, risk-based policies to contain compromised accounts.
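The first and last takeaways, and the conditional access update Huntress pushed to its tenants, can be turned into working defender code. The block below is an added example, not Huntress's policy or any Microsoft sample. It runs a detection over a handful of constructed Entra-style sign-in records (the field names `authenticationProtocol`, `status.errorCode` and `location.countryOrRegion` follow the Entra sign-in log schema as I understand it; the values and users are made up) and builds the body of a Conditional Access policy that blocks the device code flow tenant-wide, shaped after the Microsoft Graph `conditionalAccessPolicy` resource and its `authenticationFlows.transferMethods` condition, which is an assumption to verify against the current Graph reference before deploying.

```python
"""Detection over Entra-style sign-in records plus the Conditional Access
policy that closes the gap. Added example; log lines are constructed and the
schema/field names are assumptions, not a vendor sample."""
import json
from collections import defaultdict

# Constructed sample: a normal browser sign-in for alice and bob, then a burst
# of device-code sign-ins. carol's attempt fails (non-zero errorCode).
SAMPLE_SIGNINS = """
{"createdDateTime":"2026-03-03T08:02:11Z","userPrincipalName":"alice@example.com","ipAddress":"203.0.113.10","location":{"countryOrRegion":"US"},"appDisplayName":"Microsoft 365","authenticationProtocol":"oAuth2","status":{"errorCode":0}}
{"createdDateTime":"2026-03-03T08:05:40Z","userPrincipalName":"bob@example.com","ipAddress":"203.0.113.11","location":{"countryOrRegion":"US"},"appDisplayName":"Microsoft 365","authenticationProtocol":"oAuth2","status":{"errorCode":0}}
{"createdDateTime":"2026-03-03T09:17:03Z","userPrincipalName":"alice@example.com","ipAddress":"198.51.100.77","location":{"countryOrRegion":"NL"},"appDisplayName":"Microsoft Office","authenticationProtocol":"deviceCode","status":{"errorCode":0}}
{"createdDateTime":"2026-03-03T09:18:30Z","userPrincipalName":"bob@example.com","ipAddress":"203.0.113.11","location":{"countryOrRegion":"US"},"appDisplayName":"Microsoft Office","authenticationProtocol":"deviceCode","status":{"errorCode":0}}
{"createdDateTime":"2026-03-03T09:20:12Z","userPrincipalName":"carol@example.com","ipAddress":"198.51.100.78","location":{"countryOrRegion":"NL"},"appDisplayName":"Microsoft Office","authenticationProtocol":"deviceCode","status":{"errorCode":50126}}
"""


def parse_signins(text):
    """One JSON object per line, blank lines ignored."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def baseline_countries(events):
    """Countries each user has successfully signed in from *without* the
    device code flow. A real deployment would build this from weeks of
    history rather than from the same batch being scored."""
    base = defaultdict(set)
    for e in events:
        if e["status"]["errorCode"] == 0 and e["authenticationProtocol"] != "deviceCode":
            base[e["userPrincipalName"]].add(e["location"]["countryOrRegion"])
    return base


def flag_device_code_signins(events):
    """Return every successful device-code sign-in, rated high when the
    source country is outside the user's baseline and medium otherwise.
    Failed attempts are dropped here; they belong in a separate counter."""
    base = baseline_countries(events)
    hits = []
    for e in events:
        if e["authenticationProtocol"] != "deviceCode" or e["status"]["errorCode"] != 0:
            continue
        user = e["userPrincipalName"]
        country = e["location"]["countryOrRegion"]
        hits.append({
            "time": e["createdDateTime"],
            "user": user,
            "ip": e["ipAddress"],
            "country": country,
            "app": e["appDisplayName"],
            "severity": "high" if country not in base.get(user, set()) else "medium",
        })
    return hits


def device_code_block_policy(excluded_groups=()):
    """Conditional Access policy body that blocks the device code flow for all
    users and apps. Field names follow the Graph conditionalAccessPolicy
    resource as assumed here; confirm against current docs before POSTing.
    Put the rare device that genuinely needs the flow in an excluded group."""
    return {
        "displayName": "Block device code flow",
        "state": "enabled",
        "conditions": {
            "users": {"includeUsers": ["All"], "excludeGroups": list(excluded_groups)},
            "applications": {"includeApplications": ["All"]},
            "authenticationFlows": {"transferMethods": "deviceCodeFlow"},
        },
        "grantControls": {"operator": "OR", "builtInControls": ["block"]},
    }


if __name__ == "__main__":
    for hit in flag_device_code_signins(parse_signins(SAMPLE_SIGNINS)):
        print(f"[{hit['severity']}] {hit['time']} {hit['user']} via device code "
              f"from {hit['ip']} ({hit['country']}) app={hit['app']}")
    print(json.dumps(device_code_block_policy(["device-code-exceptions"]), indent=2))
```

Two design choices matter. The baseline is built only from non-device-code sign-ins, so an attacker's own successful device-code sign-in cannot teach the detector that the attacker's country is normal for the victim. And the policy blocks the flow outright instead of requiring MFA on it, because in this attack MFA is already satisfied by the victim; the only effective control is to stop the flow from issuing tokens at all, with a narrow exclusion group for devices that genuinely need it.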

The incident highlights a new era of AI-assisted cybercrime, where even small-scale actors can deploy highly sophisticated phishing campaigns that threaten large numbers of organizations globally.

Copyright © 2023 Cyber Reports Cyber Security News All Rights Reserved Website by Top Search SEO