Tag: microsoft
-
FBI warns of sophisticated Kali365 phishing service targeting Microsoft accounts
First seen on scworld.com Jump to article: www.scworld.com/brief/fbi-warns-of-sophisticated-kali365-phishing-service-targeting-microsoft-accounts
-
Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development
Microsoft confirmed the RoguePlanet Defender zero-day (CVE-2026-50656), a privilege escalation flaw, and is developing a security patch. Microsoft has acknowledged the RoguePlanet zero-day affecting Microsoft Defender, tracked as CVE-2026-50656 (CVSS score of 7.8). The vulnerability allows privilege escalation through the Microsoft Malware Protection Engine. The company stated it is aware of the issue and is…
-
Mastra AI Framework Poisoned in npm Supply-Chain Attack
Microsoft-Owned GitHub, Which Runs npm, Previews Supply-Chain Security Fixes. The popular Mastra AI framework, used to build artificial intelligence agents, workflows and retrieval-augmented generation pipelines, has been poisoned by attackers, and Microsoft-owned GitHub has advised all developers to downgrade Mastra, pending compromised packages being found and eradicated. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/mastra-ai-framework-poisoned-in-npm-supply-chain-attack-a-32003
-
Microsoft fixes Windows Server 2016 security update failures
Microsoft has fixed a known issue causing the June 2026 security updates to fail on Windows Server 2016 systems that weren’t up to date. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-server-2016-security-update-failures/
-
Hackers Could Abuse SQL Server 2025 AI Features to Steal Sensitive Data
A new security analysis has revealed that Microsoft SQL Server 2025’s native AI capabilities can be repurposed by attackers to stealthily exfiltrate sensitive data and establish command-and-control (C2) channels directly within the database engine, significantly expanding the post-exploitation attack surface. Security researcher Justin Kalnasy of SpecterOps demonstrated that newly introduced AI-focused features, intended to support…
-
Windows 11 June Patch Triggers Microsoft Office Startup Issues
Microsoft’s June 2026 cumulative update for Windows 11 (KB5095051, OS Build 28000.2269) introduces an unexpected application compatibility issue that may disrupt enterprise workflows, as users report that Microsoft Office applications fail to launch when opened via certain third-party applications. The update, released on June 9, 2026, targets Windows 11 version 26H1 and bundles critical security…
-
Microsoft Confirms RoguePlanet Zero-Day Exploit Targeting Defender
Microsoft has confirmed a newly disclosed zero-day vulnerability, tracked as CVE-2026-50656, affecting Microsoft Defender, following the public release of a proof-of-concept (PoC) exploit dubbed “RoguePlanet” by security researcher NightmareEclipse. The vulnerability, classified as an elevation-of-privilege flaw, was officially published on June 16, 2026, and is already drawing attention due to its reliability and ability to…
-
Microsoft Confirms RoguePlanet Zero-Day Exploit Targeting Defender
Microsoft has confirmed a newly disclosed zero-day vulnerability, tracked as CVE-2026-50656, affecting Microsoft Defender, following the public release of a proof-of-concept (PoC) exploit dubbed “RoguePlanet” by security researcher NightmareEclipse. The vulnerability, classified as an elevation-of-privilege flaw, was officially published on June 16, 2026, and is already drawing attention due to its reliability and ability to…
-
Gefährlicher Windows-Exploit: Microsoft verspricht ein High-Quality-Update
Microsoft will mit einem Update die Ausnutzung des Rogueplanet-Exploits auf Windows-Geräten unterbinden. Wann das passiert, bleibt aber ein Rätsel. First seen on golem.de Jump to article: www.golem.de/news/rogueplanet-exploit-microsoft-verspricht-ein-high-quality-sicherheitsupdate-2606-209904.html
-
Gefälschter Microsoft-Sicherheitsalarm: Nordkoreanische Hacker nutzen NarwhalRAT
Die Hackergruppe ScarCruft nutzt gefälschte Microsoft-Sicherheitsalarme, um die neue, im Arbeitsspeicher agierende Schadsoftware NarwhalRAT zu verbreiten. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/narwhalrat-hacker
-
Microsoft Teams als Tarnung: Ransomware-Bande versteckt Datenverkehr
Die DragonForce-Ransomware nutzt eine Schwachstelle in Microsoft Teams, um den Datenverkehr zu ihren Steuerungsservern unbemerkt zu tarnen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/teams-ransomware
-
Windows Defender Vulnerability Exposed as RoguePlanet PoC Spreads Online
A newly disclosed Windows Defender vulnerability, tracked as CVE-2026-50656 and dubbed RoguePlanet, has raised concerns across the cybersecurity community after a working proof-of-concept (PoC) exploit was released before a security patch became available. The exploit was published on GitHub by security researcher Nightmare Eclipse on June 10, 2026, only hours after Microsoft issued its June Patch Tuesday updates. First seen…
-
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development
Microsoft has formally disclosed that it’s working to release a patch to address a Defender zero-day codenamed RoguePlanet.The vulnerability has now been assigned the CVE identifier CVE-2026-50656 (CVSS score: 7.8), with the tech giant describing it as a privilege escalation flaw.”Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in…
-
Microsoft Defender vs. McAfee: Features, Pricing, Pros Cons in 2026
Tags: microsoftCompare Microsoft Defender and McAfee features, pricing, and performance to find the best fit for your needs in 2026. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/products/windows-defender-vs-mcafee-antivirus/
-
DragonForce Hid Inside Microsoft Teams and Nobody Noticed for Two Months
DragonForce hid for months by routing malware traffic through Microsoft Teams infrastructure, masking C2 activity and evading network detection. DragonForce ransomware operators hit a major U.S. services firm and stayed hidden for one to two months by routing their command-and-control traffic through Microsoft’s own Teams relay servers. Symantec’s threat hunters tracked the custom backdoor they…
-
Microsoft confirms Office apps launch issues after June updates
Microsoft is investigating a new issue preventing third-party applications from launching Microsoft Office applications or opening documents on up-to-date Windows systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-confirms-office-apps-launch-issues-after-june-updates/
-
Microsoft confirms Office apps launch issues after June updates
Microsoft is investigating a new issue preventing third-party applications from launching Microsoft Office applications or opening documents on up-to-date Windows systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-confirms-office-apps-launch-issues-after-june-updates/
-
Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656)
Microsoft has acknowledged the local elevation of privilege issue in Microsoft Defender that can be triggered via the >>RoguePlanet<>working … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/17/rogueplanet-zero-day-cve-2026-50656/
-
Microsoft working on Defender patch for RoguePlanet zero-day
Microsoft confirmed that it’s working on a security patch for a Defender zero-day vulnerability named “RoguePlanet,” disclosed one week ago. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-working-on-defender-patch-for-rogueplanet-zero-day/
-
(g+) Ask Me Anything 17.6.: Digitale Souveränität: Raus aus der Cloud im IT-Alltag?
Heute ab 17 Uhr beantwortet der Microsoft-365- und Security-Experte Aaron Siller deine Fragen zu souveränen IT-Entscheidungen, hier kommt der Teilnahmelink! First seen on golem.de Jump to article: www.golem.de/news/ask-me-anything-17-6-digitale-souveraenitaet-raus-aus-der-cloud-im-it-alltag-2606-209854.html
-
Neue Spionage-Gruppe OP-512 attackiert Microsoft-Server
Die Cyberspionage-Gruppe OP-512 greift gezielt Microsoft IIS-Webserver an und nutzt ein maßgeschneidertes Web-Shell-Framework zur Tarnung. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/microsoft-server-spionage
-
Microsoft AntiSSRF open-source library helps block server-side request forgery
AntiSSRF is an open-source code library from Microsoft that validates URLs and network connections to reduce server-side request forgery (SSRF) risks in web applications. It … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/17/microsoft-antissrf-open-source-library/
-
North Korean hackers use fake Microsoft alerts to deploy NarwhalRAT malware
First seen on scworld.com Jump to article: www.scworld.com/brief/north-korean-hackers-use-fake-microsoft-alerts-to-deploy-narwhalrat-malware
-
DragonForce ransomware uses Microsoft Teams for covert command and control
First seen on scworld.com Jump to article: www.scworld.com/brief/dragonforce-ransomware-uses-microsoft-teams-for-covert-command-and-control
-
Aembit Extends IAM for Agentic AI to Microsoft Copilot Studio
Las Vegas, USA / Nevada, June 16th, 2026, CyberNewswire Aembit on Tuesday announced support for Copilot Studio, extending its identity and access management capabilities to Microsoft’s enterprise AI agent platform. The integration, unveiled at Identiverse 2026, gives security teams the tools to manage what Copilot Studio agents can access, under what conditions, and with a…
-
Aembit Extends IAM for Agentic AI to Microsoft Copilot Studio
Las Vegas, USA / Nevada, June 16th, 2026, CyberNewswire Aembit on Tuesday announced support for Copilot Studio, extending its identity and access management capabilities to Microsoft’s enterprise AI agent platform. The integration, unveiled at Identiverse 2026, gives security teams the tools to manage what Copilot Studio agents can access, under what conditions, and with a…
-
Aembit Extends IAM for Agentic AI to Microsoft Copilot Studio
Las Vegas, USA / Nevada, 16th June 2026, CyberNewswire First seen on hackread.com Jump to article: hackread.com/aembit-extends-iam-for-agentic-ai-to-microsoft-copilot-studio/
-
Cybercriminals mask malicious communications through Microsoft Teams relays
Tags: communications, control, cybercrime, group, infrastructure, malicious, malware, microsoft, ransomwareThe DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure during an intrusion … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/16/dragonforce-microsoft-teams-malware-backdoor-turn/
-
GhostTree Attack Abused Recursive Windows Junctions to Hide Malware
GhostTree uses recursive NTFS junctions to generate vast numbers of valid Windows file paths. Varonis explains how the technique could cause Microsoft Defender folder scans to never complete, leaving malware undetected. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ghosttree-attack-abused-recursive-windows-junctions-to-hide-malware/