Intrusions involved the use of the domain, crowdstrike-office365[.]com, to lure users into downloading a recovery tool purportedly addressing update-related boot loop issues but delivers a malware loader.
Article Link: CrowdStrike outage exploited for Lumma infostealer deployment | SC Media