Tag: microsoft
-
CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day
Microsoft warned that attackers are exploiting a new Exchange Server zero-day vulnerability, tracked as CVE-2026-42897, in the wild. Microsoft warned that threat actors are actively exploiting a new Exchange Server zero-day vulnerability tracked as CVE-2026-42897 (CVSS score 8.1). The vulnerability is an improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Exchange…
-
Microsoft to automatically roll back faulty Windows drivers
Microsoft is introducing a new Windows Update capability that will allow it to remotely roll back problematic Windows drivers delivered through Windows Update. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-to-automatically-roll-back-faulty-windows-drivers/
-
Hackers Exploit OAuth Device Flow to Steal Microsoft 365 Tokens
Hackers are rapidly weaponizing a little-known Microsoft authentication feature to hijack enterprise accounts, as device code phishing surges across the threat landscape. The spike in activity is closely tied to the public release of criminal toolkits and phishing-as-a-service (PhaaS) platforms, making the once obscure technique widely accessible. New kits are appearing almost weekly, many seemingly…
-
Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers
The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription Edition First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-zeroday-exchange-servers/
-
Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)
A critical cross-site scripting (XSS) vulnerability (CVE-2026-42897) in Microsoft Exchange Server is being exploited by attackers, Microsoft warned on Thursday. A permanent … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/15/exchange-server-cve-2026-42897-exploited/
-
Microsoft warns of Exchange zero-day flaw exploited in attacks
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while targeting Outlook on the web users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-exchange-zero-day-flaw-exploited-in-attacks/
-
Microsoft Warns HPE Operations Agent Abused in Malware-Free Attacks
Tags: attack, cyber, cyberattack, exploit, malware, microsoft, software, threat, tool, vulnerabilityMicrosoft has revealed a stealthy intrusion campaign where attackers bypassed traditional malware and exploits, instead abusing trusted enterprise tools to silently infiltrate networks. The technique highlights a growing shift in cyberattacks where adversaries rely on legitimate software and existing trust relationships to evade detection. Notably, no vulnerability in HPE OA was exploited. Instead, threat actors…
-
Microsoft Edge, Windows 11, and LiteLLM Fall to Exploits at Pwn2Own Berlin 2026
The world’s top ethical hackers wasted no time breaking into modern software and AI systems on the opening day of Pwn2Own Berlin 2026, exposing critical zero-day vulnerabilities in Microsoft Edge, Windows 11, LiteLLM, and NVIDIA platforms. On May 14, researchers demonstrated 24 unique zero-day exploits, earning a total of $523,000 in rewards, according to Trend…
-
Tycoon 2FA Operators Use OAuth Device Code Phishing to Bypass MFA
A new phishing campaign uncovered in late April 2026 shows how threat actors behind the Tycoon 2FA Phishing-as-a-Service (PhaaS) kit are evolving beyond traditional credential theft. This development comes just weeks after a global takedown effort led by Microsoft and Europol disrupted Tycoon 2FA infrastructure. Despite that operation, the actors have quickly adapted, reusing their…
-
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild.The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a cross-site scripting flaw. An anonymous researcher has been credited with discovering and reporting the…
-
Zero-Click-Lücke in Outlook: Angreifer können Systeme per E-Mail kompromittieren
Das bloße Senden einer E-Mail reicht aus, um über Microsoft Outlook Schadcode zur Ausführung zu bringen. Ein Klick auf einen Link ist nicht nötig. First seen on golem.de Jump to article: www.golem.de/news/zero-click-luecke-in-outlook-angreifer-koennen-systeme-per-e-mail-kompromittieren-2605-208693.html
-
Microsoft Exposes Kazuar Malware’s Modular P2P Botnet Architecture
Microsoft has revealed new technical insights into Kazuar, a long-running malware linked to the Russian state-backed group Secret Blizzard, highlighting its evolution into a stealthy, modular peer-to-peer (P2P) botnet designed for persistent cyber espionage. Originally identified as a traditional backdoor, Kazuar has steadily transformed into a sophisticated ecosystem that prioritizes resilience, low visibility, and flexible…
-
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/
-
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/
-
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/
-
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/
-
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/
-
Zero-day exploit completely defeats default Windows 11 BitLocker protections
It’s not entirely clear how the exploit works. Microsoft says it’s investigating. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/05/zero-day-exploit-completely-defeats-default-windows-11-bitlocker-protections/
-
Zero-day exploit completely defeats default Windows 11 BitLocker protections
It’s not entirely clear how the exploit works. Microsoft says it’s investigating. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/05/zero-day-exploit-completely-defeats-default-windows-11-bitlocker-protections/
-
FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses
Tags: attack, authentication, business, cloud, communications, control, credentials, defense, detection, email, framework, government, infrastructure, login, malicious, malware, mfa, microsoft, phishing, service, theftThe campaign dynamically adapts to victims: After deobfuscation, the phishing payload loads infrastructure designed to impersonate Microsoft 365 and other login portals while dynamically adapting to targeted users.According to the report, the malware can determine which authentication provider should be impersonated, preload victim email addresses into phishing pages, and customize branding elements such as company…
-
Windows DNS Client Security Flaw Exposes Systems to Remote Code Execution
Windows systems worldwide are at risk from a new critical flaw in the Windows DNS Client that could allow remote code execution without any user interaction. Tracked as CVE-2026-41096, the vulnerability has been rated critical with a CVSS base score of 9.8. It is patched in Microsoft’s May 12, 2026, security updates. Critical DNS client…
-
Chinese APT Exploits Microsoft Exchange to Breach Energy Sector Network
Chinese state-aligned hackers compromised a Microsoft Exchange server at a major energy firm. They repeatedly reused that same entry point to run a months”‘long espionage operation, deploying the Deed RAT and Terndoor backdoors to maintain deep access across the network. The activity is attributed with moderate”‘to”‘high confidence to FamousSparrow, a China”‘aligned APT cluster that overlaps…
-
Microsoft’s WinUI agent plugin trims token use by over 70% during development
Microsoft published a plugin on May 13 that lets GitHub Copilot CLI and Claude Code drive the full WinUI 3 development cycle, from project scaffolding through signed MSIX … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/14/winui-agent-plugin-github-claude/
-
Microsoft turns Copilot Studio into an AI agent control center
The Microsoft Copilot Studio April 2026 updates improve visibility and governance for admins and expand workflow capabilities for managing agents. Copilot surfaces agent … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/14/copilot-studio-security-governance-updates/
-
Microsoft Research: AI Can Generate Realistic Command-Line and Process Telemetry
Tags: ai, attack, cloud, cyber, cybersecurity, data, detection, endpoint, incident response, intelligence, microsoft, risk, threatA new approach showing how artificial intelligence can generate highly realistic command-line data and process telemetry potentially transforming how security teams build and test threat detection systems. Logs and telemetry form modern cybersecurity risk, powering threat detection, incident response, and forensic investigations across endpoints and cloud environments. However, collecting high-quality attack telemetry remains a persistent…
-
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Translation Framework (CTFMON).The security defects have been codenamed YellowKey and GreenPlasma, respectively, by the researcher, who goes by the online aliases Chaotic Eclipse First seen on thehackernews.com Jump…
-
Microsoft CEO Takes the Stand in Musk’s OpenAI Trial
Nadella Defends $13B OpenAI Investment as Musk’s Case Nears Its End. Microsoft CEO Satya Nadella testified in the Musk v. Altman trial that Elon Musk never raised concerns about Microsoft’s $13 billion OpenAI investment or the nonprofit-to-for-profit conversion. Nadella called the 2023 board crisis that ousted CEO Sam Altman amateur city. First seen on govinfosecurity.com…
-
Microsoft May 2026 Patch Tuesday: Many fixes, but no zero-days
Microsoft has marked May 2026 Patch Tuesday by releasing fixes for 120+ CVE-numbered vulnerabilities, none of which (for a change) are actively exploited or have been publicly … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/microsoft-may-2026-patch-tuesday/
-
Microsoft releases Windows 10 KB5087544 extended security update
Microsoft has released the Windows 10 KB5087544 extended security update to fix the May 2026 Patch Tuesday vulnerabilities and resolve an issue with the new Remote Desktop warnings. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-kb5087544-extended-security-update/