Microsoft

Fake macOS help sites push Shamos infostealer via ClickFix technique

Check Point, CrowdStrike, Don't miss, ESET, Hot stuff, macOS, malvertising, Malware, Microsoft, News, social engineering /

Fake macOS help sites push Shamos infostealer via ClickFix technique 2025-08-25 at 15:23 By Zeljka Zorz Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers have warned. To prevent macOS security features from blocking the installation, the malware peddlers […]

React to this headline:

Loading spinner

Fake macOS help sites push Shamos infostealer via ClickFix technique Read More »

Free courses: Master AI tools from Microsoft, AWS, and Google

Artificial Intelligence, generative AI, Google Cloud, LLMs, Microsoft, News, skill development /

Free courses: Master AI tools from Microsoft, AWS, and Google 2025-08-14 at 07:32 By Anamarija Pogorelec Learn how AI technologies can be applied to enhance security, create safe and responsible applications, develop intelligent agents, and improve information discovery. You’ll gain practical skills, explore new tools, and work on projects that help you apply what you

React to this headline:

Loading spinner

Free courses: Master AI tools from Microsoft, AWS, and Google Read More »

Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779)

Akamai, Don't miss, Hot stuff, Immersive, Microsoft, MS Office, News, Patch Tuesday, SharePoint, Tenable, Trend Micro /

Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779) 2025-08-13 at 15:20 By Zeljka Zorz For August 2025 Patch Tuesday, Microsoft has released security updates resolving 100+ security vulnerabilities in its various solutions, including a relative path traversal flaw in Windows Kerberos (CVE-2025-53779) that allows an authorized attacker to elevate privileges over a network as part of a

React to this headline:

Loading spinner

Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779) Read More »

Microsoft Patches Over 100 Vulnerabilities

Microsoft, patch, Patch Tuesday, Vulnerabilities, vulnerability /

Microsoft Patches Over 100 Vulnerabilities 2025-08-13 at 07:02 By Eduard Kovacs Microsoft’s August 2025 Patch Tuesday updates address critical vulnerabilities in Windows, Office, and Hyper-V. The post Microsoft Patches Over 100 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Microsoft Patches Over 100 Vulnerabilities Read More »

August 2025 Patch Tuesday forecast: Try, try, again

apple, Don't miss, Expert analysis, Google, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday, SharePoint /

August 2025 Patch Tuesday forecast: Try, try, again 2025-08-08 at 09:30 By Help Net Security July turned into a surprisingly busy month. It started slowly with a fairly ‘calm’ Patch Tuesday as I forecasted in my last blog. Although there were 130 new CVEs addressed across all the Microsoft releases, there was only one publicly

React to this headline:

Loading spinner

August 2025 Patch Tuesday forecast: Try, try, again Read More »

Microsoft Paid Out $17 Million in Bug Bounties in Past Year

bug bounty program, Microsoft, Vulnerabilities /

Microsoft Paid Out $17 Million in Bug Bounties in Past Year 2025-08-06 at 17:34 By Ionut Arghire Microsoft handed out $17 million in rewards to 344 security researchers through its bug bounty programs over the past year. The post Microsoft Paid Out $17 Million in Bug Bounties in Past Year appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Microsoft Paid Out $17 Million in Bug Bounties in Past Year Read More »

Project Ire: Microsoft’s autonomous malware detection AI agent

AI, automation, Don't miss, Hot stuff, LLM, malware detection, Microsoft, Microsoft Defender, News, reverse engineering /

Project Ire: Microsoft’s autonomous malware detection AI agent 2025-08-05 at 19:45 By Zeljka Zorz Microsoft is working on a AI agent whose main goal is autonomous malware detection and the prototype – dubbed Project Ire – is showing great potential, the company has announced on Tuesday. Tested on a dataset of known malicious and benign

React to this headline:

Loading spinner

Project Ire: Microsoft’s autonomous malware detection AI agent Read More »

Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware

Malware & Threats, Microsoft, Project Ire, reverse engineering /

Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware 2025-08-05 at 19:12 By Eduard Kovacs Microsoft has unveiled Project Ire, a prototype autonomous AI agent that can analyze any software file to determine if it’s malicious. The post Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware Read More »

Microsoft Offers $5 Million at Zero Day Quest Hacking Contest

AI, bug bounty program, hacking competition, Microsoft, Vulnerabilities, Zero Day Quest /

Microsoft Offers $5 Million at Zero Day Quest Hacking Contest 2025-08-05 at 11:38 By Ionut Arghire Research demonstrating high-impact cloud and AI security flaws will be rewarded at Microsoft’s Zero Day Quest competition in spring 2026. The post Microsoft Offers $5 Million at Zero Day Quest Hacking Contest appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Microsoft Offers $5 Million at Zero Day Quest Hacking Contest Read More »

Microsoft Boosts .NET Bounty Program Rewards to $40,000

.NET, bug bounty program, Microsoft, Vulnerabilities /

Microsoft Boosts .NET Bounty Program Rewards to $40,000 2025-08-01 at 16:01 By Ionut Arghire Valid, complete reports detailing remote code execution or elevation of privilege bugs in .NET qualify for the maximum rewards. The post Microsoft Boosts .NET Bounty Program Rewards to $40,000 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Microsoft Boosts .NET Bounty Program Rewards to $40,000 Read More »

Storm-2603 spotted deploying ransomware on exploited SharePoint servers

0-day, Check Point, Don't miss, exploit, Hot stuff, Microsoft, News, SANS ISC, SharePoint, vulnerability /

Storm-2603 spotted deploying ransomware on exploited SharePoint servers 2025-07-24 at 19:03 By Zeljka Zorz One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft shared on Wednesday. First attack spotted on July 7th On Saturday, Microsoft announced that attackers have

React to this headline:

Loading spinner

Storm-2603 spotted deploying ransomware on exploited SharePoint servers Read More »

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

China APT, exploited, Government, Malware & Threats, Microsoft, SharePoint, ToolShell, vulnerability /

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named 2025-07-24 at 12:35 By Eduard Kovacs More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors. The post ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named Read More »

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch

China APT, exploited, Malware & Threats, Microsoft, SharePoint, ToolShell, Zero-Day /

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch 2025-07-22 at 20:47 By Eduard Kovacs Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days. The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch Read More »

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770)

0-day, CISA, Don't miss, exploit, Eye Security, Hot stuff, Microsoft, News, Palo Alto Networks, SharePoint /

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770) 2025-07-21 at 00:02 By Zeljka Zorz Attackers are exploiting a zero-day variant (CVE-2025-53770) of a SharePoint remote code execution vulnerability (CVE-2025-49706) that Microsoft patched earlier this month, the company has confirmed on Saturday. CVE-2025-53770 is being leveraged to place a backdoor on vulnerable

React to this headline:

Loading spinner

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770) Read More »

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available

CVE-2025-53770, exploit, Featured, Microsoft, SharePoint, Threat Intelligence, Vulnerabilities, vulnerability /

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available 2025-07-20 at 17:16 By Mike Lennon Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately. The post SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the

React to this headline:

Loading spinner

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available Read More »

Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday

CVE-2025-49719, Microsoft, Patch Tuesday, Vulnerabilities /

Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday 2025-07-09 at 00:24 By Ionut Arghire Patch Tuesday July 2025: Microsoft rolled out fixes for 130 vulnerabilities, including a zero-day in SQL Server. The post Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday Read More »

July 2025 Patch Tuesday forecast: Take a break from the grind

Adobe, Don't miss, Expert analysis, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday /

July 2025 Patch Tuesday forecast: Take a break from the grind 2025-07-07 at 09:33 By Help Net Security There was a barrage of updates released the week of June 2025 Patch Tuesday. This included security updates from Adobe, Google, Microsoft, Mozilla, and others. But it has been ‘calm’ the past couple of weeks. The news

React to this headline:

Loading spinner

July 2025 Patch Tuesday forecast: Take a break from the grind Read More »

NTLM relay attacks are back from the dead

attacks, authentication, certificate authority, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Microsoft, News, opinion, servers, SpecterOps /

NTLM relay attacks are back from the dead 2025-07-04 at 09:32 By Help Net Security NTLM relay attacks are the easiest way for an attacker to compromise domain-joined hosts. While many security practitioners think NTLM relay is a solved problem, it is not – and, in fact, it may be getting worse. Anecdotally, they are

React to this headline:

Loading spinner

NTLM relay attacks are back from the dead Read More »

Microsoft introduces protection against email bombing

Don't miss, Email, Hot stuff, Microsoft, Microsoft Defender, News, social engineering, spam /

Microsoft introduces protection against email bombing 2025-07-01 at 18:54 By Zeljka Zorz By the end of July 2025, all Microsoft Defender for Office 365 customers should be protected from email bombing attacks by default, Microsoft has announced on Monday. What is email bombing? Email bombing (aka spam bombing) is an attack technique that results in

React to this headline:

Loading spinner

Microsoft introduces protection against email bombing Read More »

RIFT: New open-source tool from Microsoft helps analyze Rust malware

code analysis, Don't miss, GitHub, Malware, Microsoft, News, open source, rust /

RIFT: New open-source tool from Microsoft helps analyze Rust malware 2025-06-30 at 13:01 By Mirko Zorz Microsoft’s Threat Intelligence Center has released a new tool called RIFT to help malware analysts identify malicious code hidden in Rust binaries. While Rust is becoming more popular for its speed and memory safety, those same qualities make malware

React to this headline:

Loading spinner

RIFT: New open-source tool from Microsoft helps analyze Rust malware Read More »

Scroll to Top