-
Microsoft is warning that North Korea‑aligned group Jasper Sleet is abusing remote hiring to slip fake IT workers into cloud environments by posing as legitimate staff and then abusing trusted access. Since the pandemic, many companies hire globally, v…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
More than 1,370 Microsoft SharePoint servers remain publicly exposed to an actively exploited spoofing vulnerability, putting countless corporate networks at severe risk. Identified by threat intelligence researchers at The Shadowserver Foundation, the…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft-signed developer tooling is being abused to quietly deploy a new LOTUSLITE backdoor variant against India’s banking sector, in what researchers link to the China‑nexus Mustang Panda espionage cluster with moderate confidence. The backdoor ret…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has issued an emergency out-of-band security update to address a severe vulnerability within the .NET framework. The critical release of .NET 10.0.7 patches an Elevation of Privilege flaw that inadvertently surfaced after a recent routine sys…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft vulnerabilities fall, but critical flaws double, BeyondTrust report highlights rising risk in Microsoft Office, Azure, and cloud systems.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new macOS-focused cyber campaign linked to the North Korean threat actor Sapphire Sleet, highlighting how attackers are increasingly relying on social engineering rather than software vulnerabilities to compromise systems. Rather than exploiting secu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing a service called FUD Crypt to generate fully undetected, Microsoft‑signed malware that installs persistence and connects to a dedicated command‑and‑control (C2) platform with zero effort on the buyer’s part. This Malware‑as‑a‑…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has rolled out Windows 11 Insider Preview Build 26300.8170 to the Dev Channel, bringing crucial updates for system security and storage management. Announced by the Windows Insider Program Team on April 10, 2026, this release delivers enhance…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
New research has exposed a search engine poisoning campaign that delivers a trojanized TestDisk installer, abuses a Microsoft-signed binary for DLL sideloading, and silently deploys the ScreenConnect remote monitoring and management (RMM) client for ha…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has confirmed a critical known issue affecting Windows Server 2025 domain controllers after deploying the April 2026 cumulative update KB5082063 (OS Build 26100.32690), released on April 14, 2026. Affected domain controllers are entering repe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
