Microsoft

Microsoft Offers $5 Million at Zero Day Quest Hacking Contest

AI, bug bounty program, hacking competition, Microsoft, Vulnerabilities, Zero Day Quest /

Microsoft Offers $5 Million at Zero Day Quest Hacking Contest 2025-08-05 at 11:38 By Ionut Arghire Research demonstrating high-impact cloud and AI security flaws will be rewarded at Microsoft’s Zero Day Quest competition in spring 2026. The post Microsoft Offers $5 Million at Zero Day Quest Hacking Contest appeared first on SecurityWeek. This article is […]

React to this headline:

Loading spinner

Microsoft Offers $5 Million at Zero Day Quest Hacking Contest Read More »

Microsoft Boosts .NET Bounty Program Rewards to $40,000

.NET, bug bounty program, Microsoft, Vulnerabilities /

Microsoft Boosts .NET Bounty Program Rewards to $40,000 2025-08-01 at 16:01 By Ionut Arghire Valid, complete reports detailing remote code execution or elevation of privilege bugs in .NET qualify for the maximum rewards. The post Microsoft Boosts .NET Bounty Program Rewards to $40,000 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Microsoft Boosts .NET Bounty Program Rewards to $40,000 Read More »

Storm-2603 spotted deploying ransomware on exploited SharePoint servers

0-day, Check Point, Don't miss, exploit, Hot stuff, Microsoft, News, SANS ISC, SharePoint, vulnerability /

Storm-2603 spotted deploying ransomware on exploited SharePoint servers 2025-07-24 at 19:03 By Zeljka Zorz One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft shared on Wednesday. First attack spotted on July 7th On Saturday, Microsoft announced that attackers have

React to this headline:

Loading spinner

Storm-2603 spotted deploying ransomware on exploited SharePoint servers Read More »

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

China APT, exploited, Government, Malware & Threats, Microsoft, SharePoint, ToolShell, vulnerability /

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named 2025-07-24 at 12:35 By Eduard Kovacs More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors. The post ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named Read More »

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch

China APT, exploited, Malware & Threats, Microsoft, SharePoint, ToolShell, Zero-Day /

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch 2025-07-22 at 20:47 By Eduard Kovacs Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days. The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch Read More »

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770)

0-day, CISA, Don't miss, exploit, Eye Security, Hot stuff, Microsoft, News, Palo Alto Networks, SharePoint /

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770) 2025-07-21 at 00:02 By Zeljka Zorz Attackers are exploiting a zero-day variant (CVE-2025-53770) of a SharePoint remote code execution vulnerability (CVE-2025-49706) that Microsoft patched earlier this month, the company has confirmed on Saturday. CVE-2025-53770 is being leveraged to place a backdoor on vulnerable

React to this headline:

Loading spinner

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770) Read More »

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available

CVE-2025-53770, exploit, Featured, Microsoft, SharePoint, Threat Intelligence, Vulnerabilities, vulnerability /

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available 2025-07-20 at 17:16 By Mike Lennon Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately. The post SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the

React to this headline:

Loading spinner

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available Read More »

Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday

CVE-2025-49719, Microsoft, Patch Tuesday, Vulnerabilities /

Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday 2025-07-09 at 00:24 By Ionut Arghire Patch Tuesday July 2025: Microsoft rolled out fixes for 130 vulnerabilities, including a zero-day in SQL Server. The post Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday Read More »

July 2025 Patch Tuesday forecast: Take a break from the grind

Adobe, Don't miss, Expert analysis, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday /

July 2025 Patch Tuesday forecast: Take a break from the grind 2025-07-07 at 09:33 By Help Net Security There was a barrage of updates released the week of June 2025 Patch Tuesday. This included security updates from Adobe, Google, Microsoft, Mozilla, and others. But it has been ‘calm’ the past couple of weeks. The news

React to this headline:

Loading spinner

July 2025 Patch Tuesday forecast: Take a break from the grind Read More »

NTLM relay attacks are back from the dead

attacks, authentication, certificate authority, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Microsoft, News, opinion, servers, SpecterOps /

NTLM relay attacks are back from the dead 2025-07-04 at 09:32 By Help Net Security NTLM relay attacks are the easiest way for an attacker to compromise domain-joined hosts. While many security practitioners think NTLM relay is a solved problem, it is not – and, in fact, it may be getting worse. Anecdotally, they are

React to this headline:

Loading spinner

NTLM relay attacks are back from the dead Read More »

Microsoft introduces protection against email bombing

Don't miss, Email, Hot stuff, Microsoft, Microsoft Defender, News, social engineering, spam /

Microsoft introduces protection against email bombing 2025-07-01 at 18:54 By Zeljka Zorz By the end of July 2025, all Microsoft Defender for Office 365 customers should be protected from email bombing attacks by default, Microsoft has announced on Monday. What is email bombing? Email bombing (aka spam bombing) is an attack technique that results in

React to this headline:

Loading spinner

Microsoft introduces protection against email bombing Read More »

RIFT: New open-source tool from Microsoft helps analyze Rust malware

code analysis, Don't miss, GitHub, Malware, Microsoft, News, open source, rust /

RIFT: New open-source tool from Microsoft helps analyze Rust malware 2025-06-30 at 13:01 By Mirko Zorz Microsoft’s Threat Intelligence Center has released a new tool called RIFT to help malware analysts identify malicious code hidden in Rust binaries. While Rust is becoming more popular for its speed and memory safety, those same qualities make malware

React to this headline:

Loading spinner

RIFT: New open-source tool from Microsoft helps analyze Rust malware Read More »

Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black

BSOD, Endpoint Security, Featured, Microsoft, Windows /

Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black 2025-06-27 at 19:43 By Associated Press After more than 40 years of being set against a very recognizable blue, the updated error message will soon be displayed across a black background. The post Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black appeared first

React to this headline:

Loading spinner

Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black Read More »

Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage 

CrowdStrike, Endpoint Security, kernel, Microsoft, Windows /

Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage  2025-06-27 at 14:50 By Eduard Kovacs Microsoft is preparing a private preview of new Windows endpoint security platform capabilities to help antimalware vendors create solutions that run outside the kernel. The post Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage  appeared

React to this headline:

Loading spinner

Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage  Read More »

Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears

Endpoint Security, ESU, Extended Security Updates, Microsoft, Windows, Windows ESU /

Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears 2025-06-25 at 16:29 By Eduard Kovacs With end of support scheduled for October 2025, Windows 10 users will be able to continue receiving important security updates.  The post Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears appeared first on

React to this headline:

Loading spinner

Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears Read More »

Windows 10: How to get security updates for free until 2026

consumer, Don't miss, enterprise, Hot stuff, Microsoft, News, security update, SMBs, Windows /

Windows 10: How to get security updates for free until 2026 2025-06-25 at 14:45 By Zeljka Zorz Users who want to stick with Windows 10 beyond its planned end-of-support date but still receive security updates, can enroll into the Windows 10 Extended Security Updates (ESU) program, Microsoft has confirmed on Tuesday. Microsoft’s (self-evident) long-term goal

React to this headline:

Loading spinner

Windows 10: How to get security updates for free until 2026 Read More »

Users lack control as major AI platforms share personal info with third parties

ChatGPT, cybersecurity, generative AI, Incogni, LLMs, Meta, Microsoft, News, Privacy, report /

Users lack control as major AI platforms share personal info with third parties 2025-06-25 at 07:02 By Help Net Security Some of the most popular generative AI and large language model (LLM) platforms, from companies like Meta, Google, and Microsoft, are collecting sensitive data and sharing it with unknown third parties, leaving users with limited

React to this headline:

Loading spinner

Users lack control as major AI platforms share personal info with third parties Read More »

Trojanized SonicWall NetExtender app exfiltrates VPN credentials

data theft, Don't miss, Hot stuff, Microsoft, News, SonicWall, trojan, VPN /

Trojanized SonicWall NetExtender app exfiltrates VPN credentials 2025-06-24 at 15:00 By Zeljka Zorz Unknown attackers have trojanized SonicWall’s SSL-VPN NetExtender application, the company has warned on Monday, and have been tricking users into downloading it from a lookalike site(s?). The trojanized SonicWall NetExtender installer SonicWall NetExtender is an SSL‑VPN client used by companies to give remote

React to this headline:

Loading spinner

Trojanized SonicWall NetExtender app exfiltrates VPN credentials Read More »

Microsoft will start removing legacy drivers from Windows Update

Don't miss, drivers, Hot stuff, Microsoft, News, Windows /

Microsoft will start removing legacy drivers from Windows Update 2025-06-23 at 17:47 By Zeljka Zorz Microsoft will start removing legacy drivers from Windows Update to improve driver quality for Windows users but, most importantly, to increase security, the company has announced. This is intended to be an ongoing process and Microsoft is planning to introduce

React to this headline:

Loading spinner

Microsoft will start removing legacy drivers from Windows Update Read More »

Stealthy backdoor found hiding in SOHO devices running Linux

Asus, backdoor, China, Cisco, CISO, cybercrime, D-Link, Don't miss, hardware, Linksys, Microsoft, News, router, Ruckus Networks, security cameras, SecurityScorecard, Synology /

Stealthy backdoor found hiding in SOHO devices running Linux 2025-06-23 at 11:02 By Mirko Zorz SecurityScorecard’s STRIKE team has uncovered a network of compromised small office and home office (SOHO) devices they’re calling LapDogs. The threat is part of a broader shift in how China-Nexus threat actors are using Operational Relay Box (ORB) networks to

React to this headline:

Loading spinner

Stealthy backdoor found hiding in SOHO devices running Linux Read More »

Scroll to Top