Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Microsoft

20 articles

GBHackers Campaigns Microsoft Jun 4

Stock Exchange Executive’s Outlook Targeted in Credential Theft Attack

A prolonged and highly targeted espionage campaign has been uncovered involving the compromise of a senior executive’s Microsoft Outlook account at a major g...

T1078

GBHackers →

The Hacker News Campaigns Microsoft Broadcom Jun 4

Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months

Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major global stock exchange, copying the inbox out in smal...

The Hacker News →

Security Affairs Zero-Day Microsoft GitHub Jun 4

Researcher Drops a New VS Code Zero-Day After Losing Trust in Microsoft’s Disclosure Process

A researcher publicly released a VS Code exploit within hours, citing past disputes with Microsoft over bug handling. The security researcher Ammar Askar fou...

Security Affairs →

SecurityWeek Vulnerability Disclosure Microsoft GitHub Jun 4

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed the full details of the vulnerability and released a PoC without notifying Microsoft in advance. The post VS Code Vulnerability Al...

SecurityWeek →

GBHackers Phishing Microsoft Okta Intel Jun 4

Kali365 PhaaS Expands to Okta, MAX Messenger Attacks

The Kali365 phishing-as-a-service (PhaaS) platform has significantly expanded its operational scope, moving beyond Microsoft 365 token theft to target Okta s...

T1566

GBHackers →

SANS ISC General Microsoft Jun 4

Microsoft's Coreutils for Windows, (Thu, Jun 4th)

I&#;x26;#;39;ve been using the GnuWin32 CoreUtils for Windows for many years now (it gives you many *nix core commands on Windows).

SANS ISC →

GBHackers General Microsoft Jun 4

Microsoft Introduces Always-On AI Agent Scout for Teams, Outlook, and More

Microsoft has introduced an always-on AI agent named “Scout,” marking the debut of a new category of enterprise automation called “Autopilots.

GBHackers →

Zero Day Initiative CVE Microsoft Jun 4

ZDI-26-331: (Pwn2Own) Microsoft Edge Feedback Log File Handling Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Edge. User interaction is required to exploit thi...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Jun 4

ZDI-26-330: (Pwn2Own) Microsoft Edge Navigation Handling Universal Cross-Site Scripting Vulnerability

This vulnerability allows remote attackers to execute arbitrary cross-origin script on affected installations of Microsoft Edge. User interaction is required...

1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Jun 4

ZDI-26-329: (Pwn2Own) Microsoft Edge Origin Validation Error Security Bypass Vulnerability

This vulnerability allows remote attackers to access restricted functionality on affected installations of Microsoft Edge. User interaction is required to ex...

1 IOC

Zero Day Initiative →

CSO Online Vulnerability Disclosure Microsoft GitHub Jun 4

Hole in GitHub’s browser-based VSCode editor could lead to stolen token

A vulnerability in GitHub’s browser-based VSCode editor could lead to the theft of a developer’s token under certain circumstances, says a researcher. The is...

T1598

CSO Online →

SC Media General Microsoft Jun 3

Microsoft Edge retires master password feature, adopts passkeys and biometrics

As of June 4, Microsoft will disable the master password feature in Edge, replacing it with device-based authentication such as Windows Hello, which includes...

SC Media →

SC Media CVE Microsoft Jun 3

Unpatched Windows search URI handler issue leaks NTLMv2 hashes

The newly identified issue, similar to a previously patched vulnerability in the Windows Snipping Tool (CVE-2026-33829), resides in the search URI handler.

1 IOC

SC Media →

The Hacker News General Microsoft Google Zoom SAP Jun 3

WhatsApp, Slack Notifications Could Hijack Google Gemini on Android

A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voice assistant on Android and ...

The Hacker News →

Security Affairs Campaigns Microsoft Broadcom Jun 3

Cyber espionage campaign targeted stock exchange executive’s Outlook account

Attackers spent five months silently stealing emails from a stock exchange executive’s Outlook account in a suspected espionage operation. A threat actor qui...

Security Affairs →

SC Media Ransomware Microsoft Cloudflare Sophos Jun 3

AI accelerates development of ransomware toolkit with EDR evasion capabilities

The toolkit, discovered by Sophos, includes features such as Cobalt Strike profiles to disguise beacon traffic, a Telegram bot API for command and control, P...

T1562 T1071

SC Media →

Qualys Blog General Microsoft Qualys Jun 3

Stop Patching at Human Speed: Peer-to-Peer (P2P) Distribution Closes the Remediation Gap Before Attackers Strike 

Executive Summary Knowing what’s exploitable is only half the battle. P2P patch distribution turns your endpoints into a delivery network, cutting patch prop...

Qualys Blog →

The Hacker News General Microsoft Google Jun 3

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag

A development flag left switched on in production builds of several Microsoft 365 Android apps disabled the check that limits account-token sharing to truste...

The Hacker News →

Help Net Security Vulnerability Disclosure Microsoft Jun 3

Microsoft responds to security challenges emerging in AI development

Microsoft has introduced a series of security tools and capabilities focused on AI-driven vulnerability discovery, AI agents, and AI models. The updates incl...

Help Net Security →

The Hacker News General Microsoft GitHub Jun 3

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user's GitHub token....

The Hacker News →

«Previous page 1 ... 19 20 21 22 23 ... 44 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA