Microsoft

Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks

Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks 2026-01-07 at 13:46 By Ionut Arghire Threat actors spoof legitimate domains to make their phishing emails appear to have been sent internally. The post Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek […]

Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks Read More »

Illegal streaming grew into an organized, profitable, and dangerous industry

Illegal streaming grew into an organized, profitable, and dangerous industry 2025-12-31 at 08:01 By Sinisa Markovic Rising streaming prices are pushing more viewers toward illegal options. Movies, TV shows, and live sports are now spread across multiple platforms, and keeping up with all of them is expensive. When something is easy to access, works smoothly,

Illegal streaming grew into an organized, profitable, and dangerous industry Read More »

Security teams debate how much to trust AI

Security teams debate how much to trust AI 2025-12-30 at 07:06 By Anamarija Pogorelec AI is reshaping how organizations operate, defend systems, and interpret risk. Reports reveal rising AI-driven attacks, hidden usage across enterprises, and widening gaps between innovation and security readiness. As adoption accelerates, companies face pressure to govern AI responsibly while preparing for

Security teams debate how much to trust AI Read More »

Microsoft Bug Bounty Program Expanded to Third-Party Code

Microsoft Bug Bounty Program Expanded to Third-Party Code 2025-12-12 at 13:01 By Ionut Arghire All critical vulnerabilities in Microsoft, third-party, and open source code are eligible for rewards if they impact Microsoft services. The post Microsoft Bug Bounty Program Expanded to Third-Party Code appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Microsoft Bug Bounty Program Expanded to Third-Party Code Read More »

Microsoft Names New Operating CISOs in Strategic Move to Strengthen Cyber Defense

Microsoft Names New Operating CISOs in Strategic Move to Strengthen Cyber Defense 2025-12-09 at 22:02 By Mike Lennon Microsoft’s Global CISO Igor Tsyganskiy announced several leadership updates across the security organization on Tuesday. “To better align cybersecurity defense of Microsoft, our customers, partners and ecosystem we are continuing to optimize my organization,” Tsyganskiy noted in

Microsoft Names New Operating CISOs in Strategic Move to Strengthen Cyber Defense Read More »

December 2025 Patch Tuesday forecast: And it’s a wrap

December 2025 Patch Tuesday forecast: And it’s a wrap 2025-12-08 at 09:56 By Help Net Security It’s hard to believe that we’re in December of 2025 already and the end of the year is fast approaching. Looking back on the year, there are two major items that really stand out in my mind. First, there

December 2025 Patch Tuesday forecast: And it’s a wrap Read More »

Microsoft Silently Mitigated Exploited LNK Vulnerability

Microsoft Silently Mitigated Exploited LNK Vulnerability 2025-12-03 at 14:35 By Ionut Arghire Windows now displays in the properties tab of LNK files critical information that could reveal malicious code. The post Microsoft Silently Mitigated Exploited LNK Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Silently Mitigated Exploited LNK Vulnerability Read More »

New “HashJack” attack can hijack AI browsers and assistants

New “HashJack” attack can hijack AI browsers and assistants 2025-11-26 at 14:18 By Zeljka Zorz Security researchers at Cato Networks have uncovered a new indirect prompt injection technique that can force popular AI browsers and assistants to deliver phishing links or disinformation (e.g., incorrect medicine dosage guidance or investment advice), send sensitive data to the

New “HashJack” attack can hijack AI browsers and assistants Read More »

Microsoft Highlights Security Risks Introduced by New Agentic AI Feature

Microsoft Highlights Security Risks Introduced by New Agentic AI Feature 2025-11-24 at 15:32 By Ionut Arghire Without proper security controls, AI agents could perform malicious actions, such as data exfiltration and malware installation. The post Microsoft Highlights Security Risks Introduced by New Agentic AI Feature appeared first on SecurityWeek. This article is an excerpt from

Microsoft Highlights Security Risks Introduced by New Agentic AI Feature Read More »

BlueCodeAgent helps developers secure AI-generated code

BlueCodeAgent helps developers secure AI-generated code 2025-11-20 at 08:05 By Sinisa Markovic When AI models generate code, they deliver power and risk at the same time for security teams. That tension is at the heart of the new tool called BlueCodeAgent, designed to help developers and security engineers defend against code-generation threats. Why code generation

BlueCodeAgent helps developers secure AI-generated code Read More »

Largest Azure DDoS Attack Powered by Aisuru Botnet

Largest Azure DDoS Attack Powered by Aisuru Botnet 2025-11-19 at 13:19 By Eduard Kovacs Microsoft said the DDoS attack was aimed at an endpoint in Australia and reached 15.72 Tbps and 3.64 Bpps. The post Largest Azure DDoS Attack Powered by Aisuru Botnet appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Largest Azure DDoS Attack Powered by Aisuru Botnet Read More »

Microsoft Unveils Security Enhancements for Identity, Defense, Compliance

Microsoft Unveils Security Enhancements for Identity, Defense, Compliance 2025-11-19 at 10:03 By Eduard Kovacs Microsoft announced new security capabilities for Defender, Sentinel, Copilot, Intune, Purview, and Entra.  The post Microsoft Unveils Security Enhancements for Identity, Defense, Compliance appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Unveils Security Enhancements for Identity, Defense, Compliance Read More »

The next tech divide is written in AI diffusion

The next tech divide is written in AI diffusion 2025-11-17 at 07:05 By Anamarija Pogorelec AI is spreading faster than any major technology in history, according to a Microsoft report. More than 1.2 billion people have used an AI tool within three years of the first mainstream releases. The growth is fast, but it puts

The next tech divide is written in AI diffusion Read More »

Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215)

Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215) 2025-11-12 at 14:44 By Zeljka Zorz Microsoft has delivered a rather light load of patches for November 2025 Patch Tuesday: some 60+ vulnerabilities have received a fix, among them an actively exploited Windows Kernel flaw (CVE-2025-62215). CVE-2025-62215 CVE-2025-62215 is a memory corruption issue that stems

Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215) Read More »

November 2025 Patch Tuesday forecast: Windows Exchange Server EOL?

November 2025 Patch Tuesday forecast: Windows Exchange Server EOL? 2025-11-07 at 13:28 By Help Net Security October 2025 Patch Tuesday was one for the record books in so many ways. There was a big push by Microsoft to fix as many open vulnerabilities as possible in products that were reaching end-of-life (EOL). This included 116

November 2025 Patch Tuesday forecast: Windows Exchange Server EOL? Read More »

Veeam App for Microsoft Sentinel brings backup intelligence directly into the SOC

Veeam App for Microsoft Sentinel brings backup intelligence directly into the SOC 2025-11-05 at 09:21 By Industry News Veeam Software launched its new Veeam App for Microsoft Sentinel. The solution provides advanced integration with Veeam Data Platform and empowers organizations to detect, investigate, and respond to cyber threats and backup anomalies, delivering data resilience and

Veeam App for Microsoft Sentinel brings backup intelligence directly into the SOC Read More »

Critical Windows Server WSUS Vulnerability Exploited in the Wild 

Critical Windows Server WSUS Vulnerability Exploited in the Wild  2025-10-24 at 17:56 By Eduard Kovacs CVE-2025-59287 allows a remote, unauthenticated attacker to execute arbitrary code and a PoC exploit is available. The post Critical Windows Server WSUS Vulnerability Exploited in the Wild  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Critical Windows Server WSUS Vulnerability Exploited in the Wild  Read More »

Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287)

Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287) 2025-10-24 at 15:38 By Zeljka Zorz Microsoft has released an out-of-band security update that “comprehensively” addresses CVE-2025-59287, a remote code execution vulnerability in the Windows Server Update Services (WSUS) that is reportedly being exploited in the wild. About CVE-2025-59287 WSUS is a tool that helps

Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287) Read More »

Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks

Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks 2025-10-24 at 15:38 By Ionut Arghire In files downloaded from the internet, HTML tags referencing external paths could be used to leak NTLM hashes during file previews. The post Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks appeared first on SecurityWeek. This article

Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks Read More »

Scroll to Top