A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. Microsoft tracks the actor as Storm ...

Credential theft fell to 13% of breach vectors in 2026. Attackers now bypass MFA via help desk resets and OAuth token theft.

Overview On June 9, NSFOCUS CERT detected that Microsoft released a security update patch for June, fixing 206 security issues involving widely used products such as Windows, Microsoft Office, ...

Microsoft Threat Intelligence recently uncovered a methodical, sophisticated, and multi-layered attack, where a threat actor we track as Storm-2949 launched a relentless campaign with a singular focus ...

Microsoft Threat Intelligence has disclosed details of a cyberattack carried out by a threat actor tracked as Storm-2949, which escalated from a targeted identity compromise into a large-scale breach ...

Dashlane said that attackers mounted a coordinated hacking campaign against a large base of its users in an attempt to ...

AI search has outgrown simple RAG. Learn how today’s hidden AI retrieval systems decide whether your content gets surfaced or filtered out. Two and a half years ago, I wrote an article for Search ...

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.

Microsoft 365 Business with Copilot introduces an integrated solution designed specifically for small businesses, combining productivity apps, security, and AI in one offering. You get built-in ...