Tag: microsoft
-
Microsoft Flags Mass Phishing Campaign Using Fake Compliance Emails
Microsoft researchers warn of a large-scale phishing campaign using fake compliance emails to steal credentials, targeting 35,000 users across 13,000 organizations worldwide. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-phishing-fake-compliance/
-
The Back Door Attackers Know About, and Most Security Teams Still Haven’t Closed
Every AI tool, workflow automation, and productivity app your employees connected to Google or Microsoft this year left something behind: a persistent OAuth token with no expiration date, no automatic cleanup, and in most organizations, no one watching it. Your perimeter controls don’t see it. Your MFA doesn’t stop it. And when an attacker gets…
-
Fewer Microsoft Vulnerabilities, but More Critical Security Flaws
This year's figures from the latest Microsoft Vulnerabilities Report show a clear shift in the security risks identified: on the one hand, the total number of identified vulnerabilities has stabilized, but on the other hand, critical vulnerabilities have increased sharply, so the severity and impact of the security flaws are rising rapidly [1]. Overall, 2025 shows a changed risk profile that, through AI-accelerated vulnerability discovery, growing cloud adoption…
-
Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs
Multi-stage infection chain: The intrusion begins with an unknown initial access vector, followed by the execution of a malicious file disguised as a ScreenConnect update, Talos said. The initial payload is a Rust-compiled loader using filenames such as “systemupdates.exe,” which drops a .NET loader disguised as a text file in a system directory, the post said. Persistence…
-
Phishing campaign used fake compliance notices to compromise employee accounts
Phishers have been using fake workplace compliance notices to try to trick Microsoft account owners into signing in via a fake sign-in page, says the company’s Defender … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/05/microsoft-phishing-fake-compliance-notices/
-
Microsoft warns of global campaign stealing auth tokens from 35K users
Microsoft revealed a phishing campaign hitting 35,000 users in 26 countries, stealing login tokens via fake code-of-conduct emails and legit services. Microsoft disclosed a major phishing campaign that targeted over 35,000 users across 26 countries in mid-April 2026. Attackers used fake “code of conduct” emails sent through legitimate platforms to trick recipients into visiting bogus…
-
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that hijacks the Microsoft Phone Link connection to steal sensitive codes from mobile devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cloudz-malware-abuses-microsoft-phone-link-to-steal-sms-and-otps/
-
Web Browser: Cleartext Passwords Discovered in Microsoft Edge's Memory
The password manager built into Edge is apparently not a safe choice. Passwords end up in process memory at startup and can be read out. First seen on golem.de Jump to article: www.golem.de/news/webbrowser-klartext-passwoerter-permanent-im-speicher-von-microsoft-edge-2605-208315.html
-
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct users to attacker-controlled domains and steal authentication tokens. The multi-stage campaign, observed between April 14 and 16, 2026, targeted more than 35,000 users across over 13,000 organizations in 26 countries,…
-
Microsoft Edge Found Storing Saved Passwords in Cleartext Memory at Startup
A new security finding reveals that Microsoft Edge loads every saved password into its process memory as cleartext the moment the browser launches. Even more surprising to security professionals is Microsoft’s official response to the disclosure, which states that this insecure behavior is entirely “by design.” How the Memory Flaw Works: According to a recent…
-
Microsoft Defender Bug Triggers False Malware Alerts for DigiCert Certificates
Microsoft fixed a Defender false positive that flagged legitimate DigiCert certificates as malware, disrupting Windows trust stores for some IT teams. The post Microsoft Defender Bug Triggers False Malware Alerts for DigiCert Certificates appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-defender-digicert-certificates-false-positive/
-
How Mythos Signals Cybersecurity Disruption
Tags: access, ai, attack, banking, browser, business, cybersecurity, data, exploit, finance, government, hacker, healthcare, infrastructure, microsoft, open-source, risk, software, technology, tool, update, vulnerability, zero-day
What is Mythos: Mythos is Anthropic’s latest AI model, and it is stirring up a tornado of concern in cybersecurity circles. Even before its release, Mythos discovered thousands of new sensitive vulnerabilities in commercial and open-source software, including all major operating systems and web browsers. One was in existence for over 27 years without the industry…
-
Microsoft Defender Flags DigiCert Certificates as Malware
A Microsoft Defender update misclassified DigiCert certificates, disrupting trust before a fix was issued. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/microsoft-defender-flags-digicert-certificates-as-malware/
-
Microsoft Defender Mistakenly Flags DigiCert Root Certificates as Malware
What happened: A faulty Microsoft Defender antimalware signature update released around April 30, 2026, caused widespread false positive alerts by incorrectly flagging two legitimate DigiCert root certificates as high-severity malware. The detection, labeled Trojan:Win32/Cerdigent.A!dha, identified registry entries belonging to DigiCert Assured ID Root CA and DigiCert Trusted Root G4 as threats and automatically quarantined them… The…
-
Microsoft confirms April Windows updates cause backup failures
Microsoft has confirmed that the April 2026 security updates are causing failures in third-party backup applications using the psmounterex.sys driver. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-confirms-backup-failures-caused-by-vulnerable-driver-block/
-
Email Bombing, Fake IT Support Calls Drive Microsoft Teams Phishing Surge
Email bombing campaigns combined with fake IT support outreach are driving a surge in sophisticated Microsoft Teams phishing attacks. The attacks typically begin with email bombing, where victims are flooded with spam messages to create confusion and urgency. Shortly after, threat actors initiate contact via Microsoft Teams, impersonating internal IT support or helpdesk personnel. Posing…
-
DigiCert Root Certificates Incorrectly Detected as Malware by Microsoft Defender
On May 3, 2026, system administrators and everyday users worldwide experienced a sudden, massive spike in severe security alerts from Microsoft Defender. The native Windows security platform began aggressively flagging system files as “Trojan:Win32/Cerdigent.A!dha.” This unexpected detection caused widespread panic across IT departments, leading many professionals to believe a sophisticated threat actor had actively compromised…
-
Update Mishap: Microsoft Defender Deletes Digicert Root Certificates
On numerous Windows systems, Microsoft Defender has triggered false alarms in recent days and deleted Digicert certificates. First seen on golem.de Jump to article: www.golem.de/news/update-panne-microsoft-defender-loescht-root-zertifikate-von-digicert-2605-208250.html
-
EUVD-2026-22643 / CVE-2026-33825 – Vulnerability in Microsoft Defender Is Being Actively Exploited
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-defender-lpe-cve-2026-33825-entra-id-ssrf-cve-2026-35431-a-33bdc775a7c3a02bc92508053041b47a/
-
Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha
Tags: microsoft
Microsoft Defender is detecting legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, resulting in widespread false-positive alerts, and in some cases, removing certificates from Windows. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-defender-wrongly-flags-digicert-certs-as-trojan-win32-cerdigentadha/
-
U.S. CISA adds a flaw in WebPros cPanel to its Known Exploited Vulnerabilities catalog
Tags: cisa, control, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in WebPros cPanel to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Defender, tracked as CVE-2026-41940 (CVSS score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. cPanel is a widely used web hosting control panel that lets…
-
ConsentFix v3 Automates OAuth Abuse to Bypass MFA and Hijack Azure Accounts
What happened: A third iteration of the ConsentFix attack technique has been circulating on hacker forums, introducing automation and scalability to a method that abuses Microsoft Azure’s OAuth2 authorization code flow to hijack accounts without passwords and despite multi-factor authentication being enabled. The original ConsentFix was documented by Push Security in December 2025 as an… The…
-
Windows shell spoofing vulnerability puts sensitive data at risk
A difficult balance: Erik Avakian, technical counselor at Info-Tech Research Group, noted that when it set the patching deadline, CISA had been operating within the guidelines laid down in Binding Operational Directive (BOD) 22-01, which requires US federal agencies to patch vulnerabilities within the timelines outlined under the policy, which range from 14 to 21…
-
Microsoft releases first big update after Nadella’s vow to ‘win back fans’
Lots of fixes, some performance tweaks. Fingers crossed there’s no out-of-band patch to follow. First seen on theregister.com Jump to article: www.theregister.com/2026/05/01/microsoft_release_first_big_update/
-
Microsoft tests modern Windows Run, says it’s faster than legacy dialog
Microsoft has confirmed that Windows 11 is getting a new modern Run dialog with dark mode support and faster performance in a new preview build. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-tests-modern-windows-run-says-its-faster-than-legacy-dialog/
-
Microsoft Flagged 8.3B Phishing Emails in Q1 as QR Codes, CAPTCHAs Rise
Microsoft flagged 8.3 billion phishing emails as attackers turned to QR codes, fake CAPTCHAs, PhaaS kits, and file-based payloads. The post Microsoft Flagged 8.3B Phishing Emails in Q1 as QR Codes, CAPTCHAs Rise appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-phishing-emails-qr-codes-captcha-phaas/
-
As email phishing evolves, malicious attachments decline and QR codes surge
A new Microsoft report also describes the collapse of a once-dominant tool for generating phishing websites with fake CAPTCHAs. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/email-phishing-trends-microsoft-qr-codes/819077/

