Clever Phishing Campaign Exploits Corporate Trust in Pakistan

A targeted espionage campaign against Pakistani public-safety organizations leveraged spear-phishing with malicious Word and PDF attachments to abuse Visual Studio Code Remote Tunnels and ClickOnce deployments, enabling attackers to capture device authorization tokens (via macros and Discord webhooks) and enroll victim machines under attacker-controlled developer accounts to gain persistent remote access.