Tag

#microsoft

43 stories taggedmicrosoft · page 2 of 3.

Cloud Security

Microsoft's Email Security Claims Under Scrutiny: Experts Weigh In

Microsoft's latest data suggests a single-vendor approach may be enough for email security, but experts urge caution.

2 min
Threat Intelligence

ScarCruft Dresses Up NarwhalRAT in a Microsoft Account Security Alert

APT37's spear-phish leans on the oldest trick in the identity playbook: tell the user their account is at risk, then hand them the payload.

2 min
Threat Intelligence

Week in Brief: Google Security Cuts, AudiA6 Forum Axed, Coupang's $400M Fine

ICS exposure holds flat while the attack surface grows, IBM and AT&T face hack cover-up allegations, and Microsoft quietly drops an AI incident-response playbook.

2 min
Vulnerabilities

GreatXML Bypasses BitLocker Through a Trusted Recovery Path

A researcher's four-hour weekend project shows how Windows' own offline scan plumbing can sidestep full-disk encryption.

3 min
Vulnerabilities

210 CVEs, Three Zero-Days, and a Microsoft Warning That This Is Just the Beginning

June Patch Tuesday sets a volume record. Microsoft says AI-assisted discovery is why, and that you should get used to it.

3 min
Vulnerabilities

Microsoft's October Dump: 206 CVEs, Three Already Public

A record Patch Tuesday hauls in 39 Critical bugs and a trio of zero-days that were knocking around before the fix shipped.

2 min
AI Security

AI Red Teaming Grew Up. The Job Description Is Still Being Written.

The tools broke when LLMs arrived. Now the discipline is rebuilding itself in real time — and the threat model includes teenagers with too much free time.

3 min
Vulnerabilities

Microsoft Ships Record 200-Bug Patch Tuesday as 'Nightmare Eclipse' Drops Windows Zero-Days

AI-assisted bug hunting, a confrontational researcher, and a Shai-Hulud worm variant inside Microsoft's own repos shape an outsized June rollup.

3 min
Vulnerabilities

Microsoft Ships KB5094127 ESU as Secure Boot Cert Rollover Looms

The June 2026 extended security update for Windows 10 patches Patch Tuesday bugs and adds telemetry to track the Secure Boot certificate transition.

2 min
Threat Intelligence

Microsoft Pulls GitHub Repos After 73 Open-Source Projects Get Stealer-Spiked

The 'Miasma' incident looks less like a novel supply-chain zero-day and more like classic account takeover hitting a soft target: the org's own open-source footprint.

3 min
Threat Intelligence

Microsoft Bakes a Two-Hour Quarantine Into VS Code Extension Auto-Updates

The delay is a soft tripwire against marketplace supply chain attacks — buying defenders a window to flag malicious updates before they propagate.

3 min
Vulnerabilities

One-Click VS Code Flaw Exposed GitHub OAuth Tokens to Theft

A researcher-disclosed bug in Microsoft's browser-based VS Code variant let a single crafted link siphon tokens with read/write access to private repos.

3 min
Threat Intelligence

Miasma Self-Replicating Worm Reaches Microsoft GitHub Orgs, 73 Repos Affected

The campaign — tracked publicly as Miasma — propagated into Azure, Azure-Samples, Microsoft, and MicrosoftDocs before GitHub pulled access.

2 min
AI Security

Microsoft Expands Its Agentic AI Failure Taxonomy With Seven New Attack Classes

From inter-agent trust escalation to MCP plugin abuse, the updated taxonomy surfaces threat categories that didn't exist — or weren't well-understood — when Microsoft published its first version.

2 min
Vulnerabilities

GitHub's Browser VSCode Handed Attackers a Skeleton Key to Your Private Repos

An unscoped OAuth token, a Jupyter notebook, and a skipped publisher trust check. That's all it took.

3 min
© 2026 Threat Vectr