Collecting Cyber-News from over 60 sources

Tag: microsoft

Sneaky Mermaid attack in Microsoft 365 Copilot steals data

Oct 24, 2025 9:26 PM

Tags: attack, data, injection, microsoft

Redmond says it’s fixed this particular indirect prompt injection vuln First seen on theregister.com Jump to article: www.theregister.com/2025/10/24/m365_copilot_mermaid_indirect_prompt_injection/
Microsoft threatens to ram Copilot into Exchange Server on-prem

Oct 24, 2025 7:26 PM

Tags: ai, email, microsoft

Survey probes interest in AI assistance for locally hosted email setups First seen on theregister.com Jump to article: www.theregister.com/2025/10/23/copilot_exchange_server/
Microsoft Issues Emergency Patch for Actively Exploited Critical WSUS Vulnerability

Oct 24, 2025 7:26 PM

Tags: cve, exploit, flaw, microsoft, remote-code-execution, service, update, vulnerability, windows

Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with a proof-of-concept (Poc) exploit publicly available and has come under active exploitation in the wild.The vulnerability in question is CVE-2025-59287 (CVSS score: 9.8), a remote code execution flaw in WSUS that was originally fixed by the tech…
Windows Server 2019: OutBand Updates KB5070883 für WSUS-Schwachstelle (23.10.2025)

Oct 24, 2025 6:26 PM

Tags: cve, cvss, microsoft, update, vulnerability, windows

Es gibt ein Out-of-Band Update KB5070883 für Windows Server 2019, welches Microsoft zum 23. Oktober 2025 bereitgestellt hat. Ziel dieses Notfall-Updates ist es, eine kritische Schwachstelle in WSUS zu schließen. Die Remote Execution-Schwachstelle CVE-2025-59287 wurde mit einem CVSS-Score von 9.8 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/24/windows-server-2019-out-of-band-update-kb5070883-fuer-wsus-schwachstelle/
Microsoft drops surprise Windows Server patch before weekend downtime

Oct 24, 2025 3:26 PM

Tags: microsoft, update, windows

You didn’t have plans, did you? First seen on theregister.com Jump to article: www.theregister.com/2025/10/24/windows_server_patch/
Microsoft Issues Emergency Patch for Critical WSUS Remote Code Execution Flaw (CVE-2025-59287)

Oct 24, 2025 2:26 PM

Tags: cve, flaw, microsoft, remote-code-execution, risk, service, update, vulnerability, windows

Microsoft has released an urgent out-of-band security update to address a severe remote code execution (RCE) vulnerability in Windows Server Update Services (WSUS). The flaw, tracked as CVE-2025-59287, poses a direct risk to organizations that utilize WSUS to manage Windows updates across their IT infrastructure. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/microsoft-fixes-cve-2025-59287/
Microsoft Issues Emergency Patch for Critical WSUS Remote Code Execution Flaw (CVE-2025-59287)

Oct 24, 2025 2:26 PM

Tags: cve, flaw, microsoft, remote-code-execution, risk, service, update, vulnerability, windows

Microsoft has released an urgent out-of-band security update to address a severe remote code execution (RCE) vulnerability in Windows Server Update Services (WSUS). The flaw, tracked as CVE-2025-59287, poses a direct risk to organizations that utilize WSUS to manage Windows updates across their IT infrastructure. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/microsoft-fixes-cve-2025-59287/
Windows Server 2019: OutBand Update KB5070883 für WSUS-Schwachstelle (23.10.2025)

Oct 24, 2025 2:26 PM

Tags: cve, cvss, microsoft, update, vulnerability, windows

Es gibt ein Out-of-Band Update KB5070883 für Windows Server 2019, welches Microsoft zum 23. Oktober 2025 bereitgestellt hat. Ziel dieses Notfall-Updates ist es, eine kritische Schwachstelle in WSUS zu schließen. Die Remote Execution-Schwachstelle CVE-2025-59287 wurde mit einem CVSS-Score von 9.8 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/24/windows-server-2019-out-of-band-update-kb5070883-fuer-wsus-schwachstelle/
Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287)

Oct 24, 2025 2:26 PM

Tags: cve, exploit, microsoft, remote-code-execution, update, vulnerability, windows

Microsoft has released an out-of-band security update that >>comprehensively
Microsoft blocks risky file previews in Windows File Explorer

Oct 24, 2025 1:26 PM

Tags: microsoft, update, vulnerability, windows

Along with fixing many code-based vulnerabilities, the October 2025 Windows updates also change how File Explorer handles files downloaded from the internet. The change … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/24/microsoft-blocks-risky-file-previews-in-windows-file-explorer/
Microsoft blocks risky file previews in Windows File Explorer

Oct 24, 2025 1:26 PM

Tags: microsoft, update, vulnerability, windows

Along with fixing many code-based vulnerabilities, the October 2025 Windows updates also change how File Explorer handles files downloaded from the internet. The change … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/24/microsoft-blocks-risky-file-previews-in-windows-file-explorer/
Microsoft blocks risky file previews in Windows File Explorer

Oct 24, 2025 1:26 PM

Tags: microsoft, update, vulnerability, windows

Along with fixing many code-based vulnerabilities, the October 2025 Windows updates also change how File Explorer handles files downloaded from the internet. The change … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/24/microsoft-blocks-risky-file-previews-in-windows-file-explorer/
China-linked hackers exploit patched ToolShell flaw to breach Middle East telecom

Oct 24, 2025 11:26 AM

Tags: breach, china, cve, exploit, flaw, hacker, microsoft, middle-east, threat, vulnerability

China-based threat actors exploited ToolShell SharePoint flaw CVE-2025-53770 soon after its July patch. China-linked threat actors exploited the ToolShell SharePoint flaw vulnerability, tracked as CVE-2025-53770, to breach a telecommunications company in the Middle East after it was addressed by Microsoft in July 2025. >>China-based attackers used the ToolShell vulnerability (CVE-2025-53770) to compromise a telecoms company in…
Self-Spreading ‘GlassWorm’ Infects VS Code Extensions in Widespread Supply Chain Attack

Oct 24, 2025 10:26 AM

Tags: attack, cybersecurity, marketplace, microsoft, supply-chain, threat, worm

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, underscoring how developers have become a prime target for attacks.The sophisticated threat, codenamed GlassWorm by Koi Security, is the second such supply chain attack to hit the DevOps space…
Skript dreht durch: Update-Panne wirft HP-Nutzer aus Microsoft-Umgebungen

Oct 24, 2025 10:26 AM

Tags: microsoft, powershell, update

Ein per Update für HP Oneagent verteiltes Powershell-Skript hat gravierende Folgen. Es löscht wild und ohne Rückfrage teils wichtige Zertifikate. First seen on golem.de Jump to article: www.golem.de/news/skript-dreht-durch-update-panne-wirft-hp-nutzer-aus-microsoft-umgebungen-2510-201495.html
Self-Spreading ‘GlassWorm’ Infects VS Code Extensions in Widespread Supply Chain Attack

Oct 24, 2025 10:26 AM

Tags: attack, cybersecurity, marketplace, microsoft, supply-chain, threat, worm

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, underscoring how developers have become a prime target for attacks.The sophisticated threat, codenamed GlassWorm by Koi Security, is the second such supply chain attack to hit the DevOps space…
Windows Server emergency patches fix WSUS bug with PoC exploit

Oct 24, 2025 10:26 AM

Tags: exploit, microsoft, service, update, vulnerability, windows

Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-releases-windows-server-emergency-updates-for-critical-wsus-rce-flaw/
Microsoft Releases Urgent Fix for Windows Server Update Services RCE FLaw

Oct 24, 2025 10:26 AM

Tags: cve, cyber, flaw, microsoft, rce, remote-code-execution, service, threat, update, vulnerability, windows

Microsoft has released a critical security patch to address a severe remote code execution vulnerability affecting Windows Server Update Services (WSUS). The flaw, tracked as CVE-2025-59287, poses an immediate threat to organizations managing Windows updates across their infrastructure. Attribute Details CVE ID CVE-2025-59287 Released October 14, 2025 Last Updated October 23, 2025 Vulnerability Type Remote…
Microsoft Boosts Windows Security by Disabling File Previews for Downloads

Oct 24, 2025 9:26 AM

Tags: credentials, cyber, exploit, Internet, microsoft, ntlm, update, vulnerability, windows

Microsoft has rolled out a significant security enhancement to Windows File Explorer, automatically disabling the preview pane for files downloaded from the internet as part of security updates released on and after October 14, 2025. This proactive measure targets a long-standing vulnerability that attackers have exploited to harvest NTLM hashes and sensitive credentials used for…
What Microsoft’s 2025 report reveals about the new rules of engagement in cyberdefense

Oct 24, 2025 8:26 AM

Tags: ai, attack, defense, microsoft

Adversaries are using AI to sharpen attacks, automate operations, and challenge long-standing defenses, according to a new Microsoft report. Researchers describe a year in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/24/microsoft-ai-cyber-attacks-report/
What Microsoft’s 2025 report reveals about the new rules of engagement in cyberdefense

Oct 24, 2025 8:26 AM

Tags: ai, attack, defense, microsoft

Adversaries are using AI to sharpen attacks, automate operations, and challenge long-standing defenses, according to a new Microsoft report. Researchers describe a year in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/24/microsoft-ai-cyber-attacks-report/
Hackers Steal Microsoft Teams Chats Emails by Grabbing Access Tokens

Oct 24, 2025 8:26 AM

Tags: access, attack, breach, communications, corporate, cyber, email, hacker, microsoft, risk, unauthorized

Security researchers have discovered a sophisticated method that allows attackers to steal access tokens from Microsoft Teams, potentially granting unauthorized access to sensitive corporate communications, emails, and SharePoint documents. The attack vector represents a significant security risk for organizations relying on Microsoft’s productivity suite, as stolen tokens can be weaponized for lateral movement within company…
Hackers Steal Microsoft Teams Chats Emails by Grabbing Access Tokens

Oct 24, 2025 8:26 AM

Tags: access, attack, breach, communications, corporate, cyber, email, hacker, microsoft, risk, unauthorized

Security researchers have discovered a sophisticated method that allows attackers to steal access tokens from Microsoft Teams, potentially granting unauthorized access to sensitive corporate communications, emails, and SharePoint documents. The attack vector represents a significant security risk for organizations relying on Microsoft’s productivity suite, as stolen tokens can be weaponized for lateral movement within company…
New Phishing Wave Uses OAuth Prompts to Take Over Microsoft Accounts

Oct 24, 2025 7:26 AM

Tags: authentication, cyber, malicious, mfa, microsoft, password, phishing

A new phishing campaign is targeting Microsoft account holders by using a clever twist on OAuth authentication prompts. Instead of asking users to hand over their passwords directly, attackers are tricking people into granting permission to malicious applications through legitimate-looking Microsoft authorization screens. This method bypasses traditional password protection and multi-factor authentication, making it particularly…
New Phishing Wave Uses OAuth Prompts to Take Over Microsoft Accounts

Oct 24, 2025 7:26 AM

Tags: authentication, cyber, malicious, mfa, microsoft, password, phishing

A new phishing campaign is targeting Microsoft account holders by using a clever twist on OAuth authentication prompts. Instead of asking users to hand over their passwords directly, attackers are tricking people into granting permission to malicious applications through legitimate-looking Microsoft authorization screens. This method bypasses traditional password protection and multi-factor authentication, making it particularly…
AI browsers can be abused by malicious AI sidebar extensions: Report

Oct 24, 2025 5:26 AM

Tags: access, ai, apple, attack, awareness, browser, chrome, ciso, cloud, credentials, cybersecurity, google, guide, hacker, infosec, least-privilege, linux, macOS, malicious, malware, marketplace, microsoft, password, phishing, risk, smishing, threat, tool, training

‘Dumpster fires’: David Shipley, head of Canadian employee security awareness training firm Beauceron Security, agrees.”I think if CISOs are bored and want to spice up their lives with an incident, they should roll out these AI-powered hot messes to their users,” he said .”But, if they’re like most CISOs and they have lots of problems,…
Microsoft puts Office Online Server on the chopping block

Oct 24, 2025 5:26 AM

Tags: microsoft, office

The end is nigh, now get thee to 365 First seen on theregister.com Jump to article: www.theregister.com/2025/10/22/microsoft_office_online_server/
HP pulls update that broke Microsoft Entra ID auth on some AI PCs

Oct 24, 2025 12:26 AM

Tags: ai, microsoft, software, update, windows

HP has pulled an HP OneAgent software update for Windows 11 that mistakenly deleted Microsoft certificates required for some organizations to log in to Microsoft Entra ID, effectively disconnecting them from their company’s cloud environments. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/hp-pulls-update-that-broke-microsoft-entra-id-auth-on-some-ai-pcs/
DTTS – Zero Trust DNS Enforcement: Policy Violation Management

Oct 23, 2025 8:26 PM

Tags: apple, attack, business, communications, control, data, dns, endpoint, google, group, Internet, least-privilege, microsoft, mobile, network, phone, service, threat, tool, update, voip, vpn, wifi, zero-trust

In a default-deny world, where only verified sources and verified destinations are allowed, which require a successful policy-allowed DNS resolution, many modern threats are mitigated, and there’s demonstrable value in choosing this path, including being able to enforce “My network, my rules” approach to egress control. However, in this world where existing applications need to…
Keeper-Sentinel Integration Targets Rise in Identity Abuse and Privilege Misuse

Oct 23, 2025 8:26 PM

Tags: credentials, data, identity, microsoft, threat

Today, Keeper Security has announced a native integration with Microsoft Sentinel. This integration enables organisations to detect and respond to credential-based threats faster and with greater precision by streaming real-time Keeper event data directly into the Microsoft Sentinel Security Information and Event Management (SIEM) solution. Security teams gain deep visibility into credential use, privileged activity…