Tag: microsoft
-
Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can Bypass BitLocker
Microsoft has released a temporary mitigation for YellowKey, a Windows zero-day that can reportedly bypass BitLocker protections. The post Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can Bypass BitLocker appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-yellowkey-bitlocker-bypass-mitigation/
-
FBI warns about fast-growing phishing kit targeting Microsoft 365 users
Kali365, which was first observed in April, abuses legitimate Microsoft device authorization pages to grant persistent access to cybercriminal-controlled applications. First seen on cyberscoop.com Jump to article: cyberscoop.com/fbi-phishing-kali365-microsoft365-access-tokens/
-
FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks
The law enforcement agency published an advisory on Thursday about Kali365, a Telegram-based service for cybercriminals that allows them to capture legitimate “OAuth” tokens enabling widespread access to Microsoft 365 environments. First seen on therecord.media Jump to article: therecord.media/fbi-warns-of-kali365-phishing-attacks
-
FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Account
FBI warns of Kali365, a PaaS scam kit that lets cybercriminals bypass MFA and hijack Microsoft 365 accounts without passwords. First seen on hackread.com Jump to article: hackread.com/fbi-kali365-phishing-service-microsoft-365-account/
-
Storm-2949 actor targets Microsoft 365 and Azure environments
Tags: microsoftFirst seen on scworld.com Jump to article: www.scworld.com/brief/storm-2949-actor-targets-microsoft-365-and-azure-environments
-
Microsoft to phase out SMS authentication for account recovery
First seen on scworld.com Jump to article: www.scworld.com/brief/microsoft-to-phase-out-sms-authentication-for-account-recovery
-
Microsoft disrupts Fox Tempest malware-signing service
First seen on scworld.com Jump to article: www.scworld.com/brief/microsoft-disrupts-fox-tempest-malware-signing-service
-
Microsoft addresses Windows Update failures in restricted environments
First seen on scworld.com Jump to article: www.scworld.com/brief/microsoft-addresses-windows-update-failures-in-restricted-environments
-
Everyone Suddenly Wants Claude’s Audit Logs
27 Enterprises Integrate Claude’s Compliance API. More than two dozen enterprise security vendors, including Microsoft, CrowdStrike and Palo Alto Networks, have built integrations with Anthropic’s Claude Compliance API, an interface the company launched months ago to give corporate security teams access to Claude activity data. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/everyone-suddenly-wants-claudes-audit-logs-a-31753
-
Google’s Exploit Code Release Raises Concern Over Unfixed Chromium Security Bug
Google’s recent release of proof-of-concept (PoC) exploit code for a still-unpatched Chromium vulnerability has sparked significant concern across the cybersecurity community. The flaw, first reported in late 2022 by security researcher Lyra Rebane, remains unresolved after more than three years, exposing millions of users of Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and…
-
China’s Webworm Uses Discord, Microsoft Graphs to Hack EU Governments
The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/chinas-webworm-discord-microsoft-graphs
-
CISA Issues Alert on Exploited Microsoft Defender Zero-Day Vulnerabilities
CISA has issued an urgent alert warning organizations about two newly disclosed zero-day vulnerabilities affecting Microsoft Defender, both added to the Known Exploited Vulnerabilities (KEV) catalog on May 20, 2026. CVE-2026-45498: Microsoft Defender DoS Vulnerability CVE-2026-45498 is a denial-of-service (DoS) vulnerability in Microsoft Defender that can cause the security service to stop functioning. An attacker…
-
Microsoft Patches Actively Exploited Defender Vulnerabilities Affecting Enterprise Systems
Microsoft has confirmed active exploitation of two security vulnerabilities in its security ecosystem, identified as CVE-2026-41091 and CVE-2026-45498, both evaluated under the CVSS scoring system. The issues affect Microsoft Defender and have raised concerns due to confirmed in-the-wild exploitation and potential impact on enterprise systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-41091-cve-2026-45498-cvss-exploit/
-
Microsoft Patches Actively Exploited Defender Vulnerabilities Affecting Enterprise Systems
Microsoft has confirmed active exploitation of two security vulnerabilities in its security ecosystem, identified as CVE-2026-41091 and CVE-2026-45498, both evaluated under the CVSS scoring system. The issues affect Microsoft Defender and have raised concerns due to confirmed in-the-wild exploitation and potential impact on enterprise systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-41091-cve-2026-45498-cvss-exploit/
-
Microsoft Patches Actively Exploited Defender Vulnerabilities Affecting Enterprise Systems
Microsoft has confirmed active exploitation of two security vulnerabilities in its security ecosystem, identified as CVE-2026-41091 and CVE-2026-45498, both evaluated under the CVSS scoring system. The issues affect Microsoft Defender and have raised concerns due to confirmed in-the-wild exploitation and potential impact on enterprise systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-41091-cve-2026-45498-cvss-exploit/
-
Microsoft 365 users targeted by new phishing threat that bypasses MFA
Microsoft 365 access tokens are being targeted by an emerging Phishing-as-a-Service (PhaaS) platform called Kali365, the FBI is warning. First observed in April 2026, Kali365 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/22/kali365-microsoft-365-phishing-fbi-warning/
-
FBI Warns Kali365 PhaaS Platform Targets Microsoft 365 Users to Steal Logins
The U.S. Federal Bureau of Investigation (FBI) has issued a Public Service Announcement (Alert I-052126-PSA) warning about a newly identified Phishing-as-a-Service (PhaaS) platform named Kali365, which is actively targeting Microsoft 365 users. First observed in April 2026, the platform enables attackers to bypass multi-factor authentication (MFA) by exploiting OAuth-based authentication flows. Kali365 PhaaS Platform Targets Microsoft…
-
China’s Webworm Uses Discord, Microsoft Graphs to Hack EU Govts.
The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/chinas-webworm-discord-microsoft-graphs
-
Microsoft kämpft mit zwei Schwachstellen – XSS in Exchange, BitLocker durch Downgrade-Angriffe angreifbar
First seen on security-insider.de Jump to article: www.security-insider.de/exchange-xss-cve-2026-42897-bitlocker-luecke-a-2d490f90f669e6d42f72dbdb83392052/
-
U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog
Tags: adobe, cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2008-4250 (CVSS v3.1 score of 9.8) is a…
-
Breach Roundup: Shai-Hulud Copycat Hits npm
Also, YellowKey Gets CVE, 7-Eleven Breach, Linux Maintainers Warn on AI Bug Spam. This week, more incidents that we can here list. Among them: cloned Shai-Hulud malware, a new maximum CVSS Cisco flaw. Edge to stop loading passwords in plaintext. Tycoon 2FA offers a way around Microsoft multifactor. Convenience, taquitos and data breach: The 7-Eleven…
-
Microsoft open-sources tools for designing and testing AI agents
Microsoft has open-sourced two tools aimed at bringing security discipline to AI agent development: Clarity, a structured design review tool, and RAMPART, a continuous testing … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/21/microsoft-open-sources-tools-for-designing-and-testing-ai-agents/
-
Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs
Microsoft disrupted Fox Tempest, a malware-signing service accused of abusing Azure certificates to disguise ransomware and malware as trusted software. The post Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-fox-tempest-malware-signing-service/
-
Scammers are abusing an internal Microsoft account to send spam links
The loophole allows spammers and scammers to send emails from a legitimate Microsoft email address typically used for sending genuine account alerts. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/21/scammers-are-abusing-an-internal-microsoft-account-to-send-spam/
-
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild.The former, tracked as CVE-2026-41091, is rated 7.8 on the CVSS scoring system. Successful exploitation of the flaw could allow an attacker to gain SYSTEM privileges.”Improper link resolution before file access (‘link following’) in Microsoft…
-
Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)
Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them to its Known … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/21/microsoft-defender-vulnerabilities-cve-2026-41091-cve-2026-45498/
-
Microsoft Defender Zero-Day Vulnerabilities Actively Exploited in the Wild
Microsoft has disclosed two new zero-day vulnerabilities in Microsoft Defender that are actively being exploited in the wild, raising concerns among security professionals and enterprise users. The vulnerabilities, tracked as CVE-2026-41091 and CVE-2026-45498, were officially released on May 19, 2026, and both have confirmed exploitation activity according to Microsoft’s security advisory. The most critical of…
-
Golem Karrierewelt: Heute im Podcast: Microsoft Copilot – erst planen, dann aktivieren
Microsoft Copilot kann Arbeit beschleunigen, Wissen sichtbar machen und Routinen vereinfachen. Ohne Planung verstärkt die KI aber bestehende Schwächen bei Daten, Berechtigungen und Governance. First seen on golem.de Jump to article: www.golem.de/news/golem-karrierewelt-heute-im-podcast-microsoft-copilot-erst-planen-dann-aktivieren-2605-208680.html
-
Microsoft’s Retired IE Tool MSHTA Now Being Used in Fileless Malware Attacks
Despite Internet Explorer’s retirement, hackers are abusing the legacy MSHTA utility in stealthy fileless malware attacks targeting Windows users. First seen on hackread.com Jump to article: hackread.com/microsoft-retired-ie-tool-mshta-fileless-malware-attack/