Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Microsoft

20 articles

Microsoft Security Blog General Microsoft Jun 8

AI brands as bait: How threat actors are using the AI hype in social engineering

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. T...

T1204

Microsoft Security Blog →

Help Net Security General Microsoft Apple Jun 8

RidgeBot 7.0 automates Active Directory attack simulations for security validation

Ridge Security has announced the release of RidgeBot 7.0, an update to its automated security validation platform that introduces automated Windows Active Di...

Help Net Security →

GBHackers Vulnerability Disclosure Microsoft Google Apple Amazon Linux Jun 8

Google Fixes 429 Chrome Vulnerabilities, Including 22 Critical Bugs

Google has released Chrome 149 to the stable channel, addressing a significant batch of 429 security vulnerabilities across Windows, macOS, and Linux, includ...

T1190

GBHackers →

GBHackers Vulnerability Disclosure Microsoft Jun 8

Internet Explorer WebBrowser Control Abuse Lets Attackers Convert Clicks Into RCE

Internet Explorer’s legacy WebBrowser control can be abused to turn seemingly harmless user clicks into full remote code execution (RCE), even on systems tha...

T1190

GBHackers →

The Hacker News Campaigns Microsoft Linux Jun 8

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances

A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families co...

The Hacker News →

The Hacker News Supply Chain Microsoft Jun 8

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are ...

T1195

The Hacker News →

GBHackers TTPs Microsoft Jun 8

EDRChoker Tool Abuses Windows QoS Policies to Disrupt Endpoint Security Tools

A newly disclosed red-team tool dubbed “EDRChoker” is drawing attention across the cybersecurity community for its novel approach to disrupting Endpoint Dete...

T1562

GBHackers →

GBHackers General Microsoft GitHub Jun 8

Microsoft Warns Claude Code GitHub Action May Expose CI/CD Secrets

Anthropic’s Claude Code GitHub Action could unintentionally expose CI/CD workflow secrets when AI agents process untrusted GitHub content. The risk arises be...

T1598

GBHackers →

Help Net Security Campaigns Microsoft Jun 8

When attacks spread too far: Lessons from real cyber attack case studies

In this Help Net Security video, Michael Adjei, Director, Systems Engineering at Illumio, explains three real world cyber attacks and what went wrong during ...

T1566

Help Net Security →

Help Net Security General Microsoft GitHub Jun 8

GitHub Copilot app launches as desktop home for AI coding agents

GitHub introduced the Copilot app, a desktop application built for working with AI coding agents, at Microsoft Build 2026. The release expands GitHub’s Copil...

Help Net Security →

BleepingComputer General Microsoft Intel Jun 7

Hands on with Intelligent Terminal, an AI-powered Windows Terminal

Microsoft has created an open-source fork of Windows Terminal called "Intelligent Terminal," and it allows you to use AI directly inside Terminal without int...

BleepingComputer →

HackRead Campaigns Microsoft Jun 6

New Pink Extortion Group Targets Microsoft 365 Cloud Data Via Vishing Scams

Cybersecurity researchers are warning businesses about Pink Extortion Group, a threat actor that uses voice phishing to bypass multi-factor authentication an...

T1566

HackRead →

GBHackers Campaigns Microsoft Jun 6

China-Linked Espionage Cluster Deploys Custom ASPX/ASHX Shells on IIS

A previously disclosed China-linked threat cluster, tracked as OP-512, has been observed deploying a purpose-built web shell framework to compromise Internet...

T1190

GBHackers →

The Hacker News Campaigns Microsoft GitHub Jun 6

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impac...

T1195 T1598

The Hacker News →

SC Media General Microsoft Jun 5

New China-linked threat cluster OP-512 targets Microsoft IIS servers

OP-512 deploys a custom web shell framework consisting of three distinct web shells, designed to provide attackers with remote access while evading detection.

T1190

SC Media →

BleepingComputer Campaigns Microsoft Jun 5

Chinese APT deploys new malware to keep access to hacked networks

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware ...

BleepingComputer →

CSO Online General Microsoft Jun 5

Microsoft identifies seven new ways AI agents can be hacked

Microsoft has identified seven new failure modes in agentic AI systems, in addition to those it identified last year in its first Taxonomy of Failure Modes i...

CSO Online →

Rapid7 Blog Data Breach Microsoft Rapid7 Linux Apache Jun 5

Weekly Metasploit Update: Apache ActiveMQ RCE, Gogs Rebase RCE, and Windows Kernel Pointer Enum

When Open Source is a bit too Open Several fun modules landed this week, including an Apache RCE, Windows Kernel pointer collection, and Gogs RCE via naming....

Rapid7 Blog →

Microsoft Security Blog General Microsoft GitHub Intel Jun 5

Securing CI/CD in an agentic world: Claude Code Github action case

Microsoft Threat Intelligence identified a prompt injection pathway in Claude Code GitHub Action that allowed access to workflow secrets under specific condi...

Microsoft Security Blog →

Cyberscoop General Microsoft Jun 5

Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away

When a researcher went public with Microsoft vulnerabilities, it laid bare a conflict that has never really been solved. The post Nightmare Eclipse incident ...

Cyberscoop →

«Previous page 1 ... 17 18 19 20 21 ... 44 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA