Tag: microsoft
-
Microsoft warnt: Hacker attackieren Outlook-Nutzer über gefährliche Exchange-Lücke
Angreifer können Outlook-Nutzern durch eine Sicherheitslücke in Exchange per E-Mail Schadcode unterschieben. Entsprechende Attacken laufen bereits. First seen on golem.de Jump to article: www.golem.de/news/microsoft-warnt-hacker-attackieren-outlook-nutzer-ueber-gefaehrliche-exchange-luecke-2606-209657.html
-
Microsoft releases Windows 10 KB5094127 extended security update
Microsoft has released the Windows 10 KB5094127 extended security update, which fixes the June 2026 Patch Tuesday vulnerabilities and adds new functionality to monitor the rollout of updated Secure Boot certificates that replace those expiring this month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-kb5094127-extended-security-update/
-
Microsoft June 2026 Patch Tuesday fixes 3 zero-day, 200 flaws
Today is Microsoft’s June 2026 Patch Tuesday, with security updates for 200 flaws and three publicly disclosed zero-day vulnerabilities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-june-2026-patch-tuesday-fixes-3-zero-day-200-flaws/
-
Windows 11 KB5094126 & KB5093998 cumulative updates released
Microsoft has released Windows 11 KB5094126 and KB5093998 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-kb5094126-and-kb5093998-cumulative-updates-released/
-
Miasma Worm Compromises 73 Microsoft GitHub Repositories
The Miasma worm compromised 73 Microsoft GitHub repos, spreading via AI coding tools and stealing cloud credentials from developers and CI/CD systems. A self-replicating worm called Miasma has compromised 73 Microsoft GitHub repositories and forced GitHub staff to disable them. The affected repos include core Azure infrastructure like azure-functions-host and the entire Durable Task family…
-
Miasma Worm Compromises 73 Microsoft GitHub Repositories
The Miasma worm compromised 73 Microsoft GitHub repos, spreading via AI coding tools and stealing cloud credentials from developers and CI/CD systems. A self-replicating worm called Miasma has compromised 73 Microsoft GitHub repositories and forced GitHub staff to disable them. The affected repos include core Azure infrastructure like azure-functions-host and the entire Durable Task family…
-
Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues
Microsoft on Monday confirmed that it temporarily removed some GitHub repositories in response to a recent security incident that led to 73 of its open-source projects being compromised to inject an information stealer into the code.”Our priority is to protect customers and the broader ecosystem,” a Microsoft spokesperson told The Hacker News via email. “We…
-
GitHub disables Microsoft repos pushing password-stealing malware
Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, disrupting continuous integration pipelines. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-disables-microsoft-repos-pushing-password-stealing-malware/
-
Coreview hilft Minenräumorganisation HALO Trust beim sicheren Einsatz von Microsoft-365 auch in Konfliktgebieten
Der Spezialist für den Schutz und das Management von Microsoft-365-Tenants, Coreview, unterstützt die weltweit größte gemeinnützige Minenräumorganisation HALO Trust beim Schutz ihrer globalen Microsoft-365-Prozesse. Die Implementierung wurde dabei durch den Microsoft-Partner Cyber Vigilance unterstützt. Die Bereitstellung erstreckt sich auf Programme in 36 Ländern und Gebieten, einschließlich der Aktivitäten in der Ukraine. HALO beschäftigt mehr als…
-
Microsoft Defender Adds Monitoring for RPC Protocol Abuse in Cyberattacks
Tags: credentials, cyber, cyberattack, endpoint, exploit, microsoft, monitoring, threat, update, windowsMicrosoft has introduced enhanced monitoring capabilities in Microsoft Defender for Endpoint to detect and disrupt cyberattacks that abuse the Remote Procedure Call (RPC) protocol, a core Windows communication mechanism that threat actors frequently exploit for lateral movement and credential access. Announced on June 8, 2026, the update provides granular visibility into inbound remote RPC activity,…
-
New BitB Phishing Attack Targets Microsoft 365 Logins
A new Browser-in-the-Browser (BitB) phishing campaign is abusing fake OAuth login windows to steal Microsoft 365 credentials, and its design is polished enough to bypass casual visual checks. The attack uses a draggable popup that mimics a real browser dialog. However, it is embedded in the page itself and paired with a spoofed Microsoft OAuth…
-
Ghost-Sender Flaw Exposes Exchange Online Users to Sender Spoofing Attacks
A newly disclosed “Ghost-Sender” flaw is exposing Microsoft Exchange Online environments to large-scale email spoofing attacks, allowing threat actors to bypass standard email authentication controls and deliver forged messages directly to users’ inboxes. The issue, identified by security researchers Lucas Dodgson, Tobias Oberdörfer, and Robin Hilber, stems from misconfigurations in hybrid or cloud email deployments…
-
Microsoft Entra Agent ID Logs Expose Suspicious Assistive Agent Activity
Microsoft Entra Agent ID logs have exposed a subtle but consequential threat vector: assistive agents using the OAuth On-Behalf-Of (OBO) flow to act with delegated user privileges and perform potentially risky actions, such as sending external emails. In the examined incident an email with subject “Here is your invoice” was recorded in Exchange Purview as…
-
Microsoft’s open source tools were hacked to steal passwords of AI developers
Microsoft shut down dozens of GitHub code repositories for Azure and AI coding tools after a reported hack. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/08/microsofts-open-source-tools-were-hacked-to-steal-passwords-of-ai-developers/
-
Miasma Worm Hits Microsoft’s AI Coding Ecosystem
Attackers Compromised More Than 70 Microsoft Repositories in Under 2 Minutes. Attackers linked to the Miasma supply-chain campaign compromised a Microsoft contributor account and pushed malicious code into more than 70 repositories, using artificial intelligence-assisted coding tools as an infection path to steal credentials and developer secrets at scale. First seen on govinfosecurity.com Jump to…
-
For the 2nd time in weeks, Microsoft packages laced with credential stealer
73 packages run self-replicating stealer as soon as they’re opened by an AI agent. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/06/for-the-2nd-time-in-weeks-microsoft-packages-laced-with-credential-stealer/
-
Microsoft changes how Defender for Endpoint EDR updates are delivered on Windows
Microsoft will distribute Defender for Endpoint EDR updates through Microsoft Update, enabling EDR security improvements to be released independently of monthly Windows … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/08/microsoft-defender-for-endpoint-edr-updates/
-
Internet Explorer WebBrowser Control Abuse Lets Attackers Convert Clicks Into RCE
Internet Explorer’s legacy WebBrowser control can be abused to turn seemingly harmless user clicks into full remote code execution (RCE), even on systems that no longer use Internet Explorer as a standalone browser. Although Microsoft officially ended support for IE, the Trident engine and WebBrowser ActiveX control remain embedded in numerous Windows applications built with…
-
Ein Wurm tobt auf Github: 73 Microsoft-Projekte nach Supply-Chain-Angriff gesperrt
Zahlreiche Softwareprojekte von Microsoft sind auf Github plötzlich gesperrt worden. Offenbar hat der Miasma-Wurm sie kompromittiert. First seen on golem.de Jump to article: www.golem.de/news/ein-wurm-tobt-auf-github-73-microsoft-projekte-nach-supply-chain-angriff-gesperrt-2606-209509.html
-
Kein Patch verfügbar: Bitlocker-Exploit Bitskrieg veröffentlicht
Microsofts empfohlene Korrektur für den Bitlocker-Exploit Yellowkey ist offenbar unvollständig. Mit Bitskrieg soll sie sich umgehen lassen. First seen on golem.de Jump to article: www.golem.de/news/kein-patch-verfuegbar-bitlocker-exploit-bitskrieg-veroeffentlicht-2606-209491.html
-
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in an attempt to tackle software supply chain threats.”When automatic updates are enabled, new versions are auto-updated two hours after they are published, adding an extra…
-
Microsoft Warns Claude Code GitHub Action May Expose CI/CD Secrets
Anthropic’s Claude Code GitHub Action could unintentionally expose CI/CD workflow secrets when AI agents process untrusted GitHub content. The risk arises because certain tools the agent uses to read files were not sandboxed like subprocess execution paths such as Bash. In particular, the Read tool was able to access /proc/self/environ and returned environment variables, including…
-
GitHub Copilot app launches as desktop home for AI coding agents
GitHub introduced the Copilot app, a desktop application built for working with AI coding agents, at Microsoft Build 2026. The release expands GitHub’s Copilot product … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/08/github-copilot-app-ai-coding-agents/
-
Hands on with Intelligent Terminal, an AI-powered Windows Terminal
Microsoft has created an open-source fork of Windows Terminal called “Intelligent Terminal,” and it allows you to use AI directly inside Terminal without interfering with the regular session. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/hands-on-with-intelligent-terminal-an-ai-powered-windows-terminal/
-
New Pink Extortion Group Targets Microsoft 365 Cloud Data Via Vishing Scams
Cybersecurity researchers are warning businesses about Pink Extortion Group, a threat actor that uses voice phishing to bypass multi-factor authentication and steal files from cloud environments. First seen on hackread.com Jump to article: hackread.com/pink-extortion-microsoft-365-cloud-data-vishing-scams/
-
Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens
Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user’s GitHub token.”Just by clicking a link, it’s possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones,” security researcher Ammar Askar said.GitHub supports…
-
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
Microsoft’s GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign.The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per OpenSourceMalware. The development has GitHub to disable access to those repositories.”Access to this First seen on thehackernews.com Jump…
-
New China-linked threat cluster OP-512 targets Microsoft IIS servers
First seen on scworld.com Jump to article: www.scworld.com/brief/new-china-linked-threat-cluster-op-512-targets-microsoft-iis-servers
-
Microsoft introduces execution containers for AI agents
First seen on scworld.com Jump to article: www.scworld.com/brief/microsoft-introduces-execution-containers-for-ai-agents
-
Chinese APT deploys new malware to keep access to hacked networks
A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware named Plenet and AgentPSD. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-apt-deploys-new-malware-to-keep-access-to-hacked-networks/