Tag: microsoft
-
Microsoft shares mitigation for YellowKey Windows zero-day
Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability that grants access to protected drives. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-shares-mitigation-for-yellowkey-windows-zero-day/
-
Hackers Exploit MSHTA to Deploy LummaStealer and Amatera Malware
Hackers are increasingly abusing the legacy Microsoft HTML Application Host (MSHTA) utility to deliver commodity malware such as LummaStealer and Amatera. Despite being tied to Internet Explorer, which was retired in 2022, MSHTA remains default in Windows, making it an attractive Living-off-the-Land binary (LOLBIN) for stealthy attacks. MSHTA allows execution of VBScript and JavaScript from…
-
Cybercrime service disrupted for abusing Microsoft platform to sign malware
Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company’s Artifact Signing service to generate fraudulent code-signing certificates used by ransomware gangs and other cybercriminals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cybercrime-service-disrupted-for-abusing-microsoft-platform-to-sign-malware/
-
Microsoft Launches New Surface AI PCs for Business Buyers
Microsoft launched new Surface for Business PCs with Intel Core Ultra Series 3 chips, AI features, 5G options, and enterprise security tools. The post Microsoft Launches New Surface AI PCs for Business Buyers appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-surface-for-business-ai-pc-refresh/
-
Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft
A new SHub Reaper macOS infostealer spoofs prompts from Apple, Google, and Microsoft to steal passwords, crypto data, and business files from Macs. The post Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-reaper-shub-malware-mac-users/
-
Microsoft Self-Service Password Reset abused in Azure data theft attacks
A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-self-service-password-reset-abused-in-azure-data-theft-attacks/
-
Microsoft dismantled malware-signing network Fox Tempest
Microsoft disrupted Fox Tempest, a malware-signing-as-a-service (MSaaS) that allowed attackers to sign malware with fake trusted certificates. Microsoft said it disrupted a cybercrime operation run by a threat actor named Fox Tempest, which helped threat actors sign malware with short-lived certificates to make malicious software appear legitimate. The service abused Microsoft Artifact Signing and supported…
-
Microsoft Confirms Windows Update Bug Blocking Security Fixes
Microsoft confirmed that KB5089549 can fail with error 0x800f0922 on Windows 11 devices with low EFI partition space, and shared workarounds are available. The post Microsoft Confirms Windows Update Bug Blocking Security Fixes appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-windows-update-rollout-bug/
-
Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs
The company unsealed a legal case in U.S. District Court on Tuesday detailing the disruption of Fox Tempest, a popular service that has operated since May 2025 and provides cybercriminals with code signing tools. First seen on therecord.media Jump to article: therecord.media/microsoft-disrupts-fox-tempest-malware-signing-service
-
Microsoft plans to improve Windows 11 driver quality in 2026
Microsoft plans to raise the quality bar of Windows 11 drivers, as drivers “sit at the heart of every Windows experience” and connect the OS to the “silicon, components, and peripherals.” First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-plans-to-improve-windows-11-driver-quality-in-2026/
-
Microsoft blames macOS update for undismissible Teams location prompts
Microsoft has confirmed user reports that the Teams team collaboration app is displaying non-dismissible location prompts on some macOS systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-blames-undismissible-teams-location-prompts-on-macos-update/
-
Microsoft disrupts cybercrime service that abused software verification systems en masse
Fox Tempest, a financially-motivated threat group, allowed ransomware operators and other cybercriminals to slip malware-laced software past security controls. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-digital-crimes-unit-disrupts-fox-tempest/
-
Microsoft Takes Down Fox Tempest for Providing Ransomware-Enabling Signing Tool
Microsoft’s Digital Crimes Unit has taken down the infrastructure of Fox Tempest, a prolific cybercrime-enabling threat group. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-takes-down-fox-tempest/
-
Legacy Microsoft Utility Fuels New Wave of Malware
Researchers Link MSHTA Windows Utility to Lumma Stealer, ClickFix Campaigns. Cybercriminals continue abusing Microsoft’s legacy MSHTA utility to deliver malware, with researchers saying that the default-enabled Windows component remains a favored living-off-the-land tool for PowerShell attacks, info stealers and multi-stage malware loaders. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/legacy-microsoft-utility-fuels-new-wave-malware-a-31716
-
Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
Microsoft’s total vulnerability count stayed steady in 2025, but critical flaws surged year over year. BeyondTrust breaks down why attackers are increasingly focused on privilege escalation and identity abuse. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-microsoft-vulnerabilities-doubled-from-exposure-to-escalation/
-
New phishing method bypasses MFA via genuine Microsoft pages
Security researchers at Proofpoint are sounding the alarm: an attack technique called ‘Device Code Phishing’ is currently developing into one of the fastest-growing threats in identity protection. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/phishing-methode-mfa-microsoft
-
Malware campaigns on Windows via Microsoft’s legacy Internet tool MSHTA
Cybercriminals use legitimate and preferably outdated operating system tools, abusing them for their own purposes and to disguise attacks. The more trustworthy a utility, the better. Bitdefender Labs is thus observing continued exploitation of the Microsoft HTML Application Host (MSHTA) and has recorded, in recent months, a higher frequency of attack chains in which the executable mshta.exe plays a role…
-
Internet Explorer may be dead, but its ghost still runs malware
A legacy Windows tool that refuses to die: Bitdefender’s findings suggest MSHTA remains attractive because it checks several boxes attackers like. These include it being Microsoft-signed, preinstalled on Windows, capable of in-memory execution, and still implicitly trusted in many environments. Other sophisticated campaigns picked it up too. Bitdefender detailed PurpleFox using MSHTA to launch ‘msiexec’ commands…
-
New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain
A SHub macOS infostealer variant called Reaper impersonates Apple, Microsoft, and Google to trick users into executing malicious code, then targets browser data, password … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/19/shub-reaper-macos-infostealer-apple-google-microsoft/
-
The New Phishing Click: How OAuth Consent Bypasses MFA
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries. The targets of the platform received a message asking them to enter a short code at microsoft.com/devicelogin and complete their normal MFA challenge, then walked away believing they had…
-
Microsoft confirms patching issues in restricted Windows networks
Microsoft says customers in restricted network environments may encounter Windows Update failures after installing the January 2026 optional non-security preview updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-confirms-patching-issues-in-restricted-windows-networks/
-
Microsoft Edge Enhances Security by Preventing Password Loading at Startup
Microsoft is rolling out a key security change in its Edge browser to stop saved passwords from being loaded into memory as soon as the browser starts. The move comes after a security researcher showed that Edge was decrypting and keeping all stored passwords in cleartext in process memory during startup, even when users were…
-
Hackers Exploit Entra ID Accounts to Steal Microsoft 365, Azure Data
Hackers Abuse Microsoft Entra ID Accounts to Exfiltrate Microsoft 365 and Azure Data. A highly sophisticated cyberattack campaign, carried out by a threat actor tracked as Storm-2949, is targeting Microsoft Entra ID accounts to steal sensitive data from Microsoft 365 and Azure environments. Instead of deploying malicious payloads, Storm-2949 abused legitimate cloud management features to gain…
-
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is rwl.angular-console (version 18.95.0), a popular user interface and plugin for code editors like VS Code, Cursor, and JetBrains. The VS Code extension has more than 2.2 million…
-
Hackers can hijack accounts: flaw in Microsoft Authenticator enables data theft
Attackers can capture access tokens from Microsoft Authenticator and use them to access users’ data and services. A patch is available. First seen on golem.de Jump to article: www.golem.de/news/hacker-koennen-konten-kapern-luecke-im-microsoft-authenticator-ermoeglicht-datenklau-2605-208805.html

