Microsoft

Microsoft Digital Defense Report 2025

This year’s Microsoft Digital Defense Report (MDDR) showcases the scale and sophistication of today’s cyber threats, the impact of emerging technologies on those threats, and the strategies that ...

‘Dead’ Outlook add-in hijacked to phish 4,000 Microsoft Office Store users

A hacker noticed the change in its status and hijacked the dead add-in and its 4.71-star rating to conduct a phishing campaign that the company which uncovered the attack, plug-in security company Koi ...
Windows Report

Hackers Hijack Outlook Add-In to Steal 4,000+ Microsoft Accounts

Hackers hijacked a legitimate Outlook add-in and turned it into a phishing kit, stealing over 4,000 Microsoft credentials ...
The Hacker News

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.
ZDNet

Microsoft's latest zero-day patch blocks a viral Office document hack - how to protect your PC ASAP

Microsoft has released a patch to resolve a security flaw in Office. The flaw could let a malicious file attachment infect your PC. Office 2016 and 2019 users must manually update the program.
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

Cybersecurity researchers have disclosed details of a new campaign that combines ClickFix-style fake CAPTCHAs with a signed Microsoft Application Virtualization (App-V) script to distribute an ...
Bleeping Computer

New ClickFix attacks abuse Windows App-V scripts to push malware

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V) script to ultimately deliver the Amatera infostealing malware. The ...