A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. Microsoft tracks the actor as Storm ...
Microsoft Threat Intelligence has disclosed details of a cyberattack carried out by a threat actor tracked as Storm-2949, which escalated from a targeted identity compromise into a large-scale breach ...
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 ...
Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw ...
Access to Copilot in the dashboard comes from launching an app from the Visual Studio Code editor or Visual Studio IDE. The updated version 9.3 dashboard also features a context menu providing quick ...
This guide explains what Microsoft Graph Explorer does and how you can use it to test Microsoft Graph API requests quickly. You will learn how to open it, run queries, adjust permissions, view code ...
Microsoft's UEM software leverages AI to simplify IT operations, enhance security, and improve the end-user experience across a wide range of devices and platforms. In today’s multi-device, ...
Microsoft announced Tuesday that it has signed a deal with AMD to “co-engineer silicon” — make the chips, in other words — for its “next-generation Xbox consoles.” President of Xbox Sarah Bond made ...
Azure cross-tenant synchronization (CTS) was made generally available on May 30, 2023, and introduced a new attack surface on Microsoft Entra ID (formerly Azure Active Directory) where attackers can ...
UPDATE (June 5 th, 2025): Since publishing this blogpost, we have updated our tracking to better reflect the full range and complexity of the malicious activities carried out by the OilRig APT group.