The Microsoft Defender Security Research Team has confirmed that a pervasive new authentication code attack is compromising ...

A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I ...

A global phishing campaign targeting Microsoft 365 bypasses security codes using a legitimate login feature, impacting hundreds of organizations.

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

Overview On March 11, NSFOCUS CERT detected that Microsoft released the March Security Update patch, which fixed 83 security issues involving widely used products such as Windows, Microsoft Office, ...

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing ...

A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft ...

A security researcher reported a vulnerability to Microsoft. But when the company didn't respond quickly enough, he went public with real exploit code.

Microsoft released security patches for 31 vulnerabilities across Windows, Office, and Azure, including two actively exploited zero-day flaws. PCWorld reports that critical vulnerabilities affect ...

Researchers confirm the bug works, while Microsoft gives a bland statement.

Microsoft Authenticator Flaw on Android, iOS Could Leak Login Codes for Millions Your email has been sent A newly discovered vulnerability in Microsoft Authenticator could expose sensitive login codes ...