Whats The Hax? 🔒 A Fraud, Infosec, and Security News Aggregator

Cybersecurity News & Threat Intelligence đŸ›Ąïž

Stay ahead of cyber threats with breaking security news, vulnerability alerts, and expert analysis. Coverage includes ransomware, data breaches, incident response, and cybersecurity best practices.

Germany Suspects Russia Is Behind Signal Phishing That Targeted Top Officials ❧ After Mythos: New Playbooks For a Zero-Window Era ☙ ❧ Microsoft: New Remote Desktop warnings may display incorrectly ❧ Recently updated a authentic minecraft mod launcher called Modrinth ☙ ❧ RansomHouse claims breach of a popular Cybersecurity Vendor, possibly Barracuda Networks ❧ Hacker who allegedly carried out cyberattacks for China is extradited to US ☙ ❧ Microsoft asks iPhone users to reauthenticate after Outlook outage ❧ Proofpoint Research Reveals Half of Global Organizations Experienced AI Incidents Despite Having AI Security Controls in Place ☙ ❧ Spectrum Security Emerges From Stealth Mode With $19 Million ❧ More of What Matters: Forter’s April Product Release ☙ ❧ Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks ❧ Where are security teams seeing the biggest practical gaps today? ☙ ❧ Cybersecurity researchers have discovered a Lua-based malware created years before Stuxnet ❧ Example structure for evidence-based vulnerability reports ☙ ❧ Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover ❧ Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak ☙ ❧ Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202 ❧ DeepZero - Automated Vulnerability Research ☙ ❧ goodboy-framework: 15-stage Windows malware development & analysis course in Rust. Red team builds it, blue team detects it. All 15 binaries achieved 0/76 on VirusTotal. ❧ Reverse Engineering a Ledger Nano X Hardware Implant ☙ ❧

SecurityWeek
Germany Suspects Russia Is Behind Signal Phishing That Targeted Top Officials
Spectrum Security Emerges From Stealth Mode With $19 Million
Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak
Incomplete Windows Patch Opens Door to Zero-Click Attacks
OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years
Malicious AI Prompt Injection Attacks Increasing, but Sophistication Still Low: Google
Energy and Water Management Firm Itron Hacked
UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware
Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access
US Launches Sweeping Crackdown on Southeast Asia Cyberscams and Sanctions Cambodian Senator
cybersecurity
Tracehound and the case for a forensic readiness
New cybersecurity tool feedback
Microsoft's AI Agent Role Had a Scoping Bug
Reflections on BlackHat Asia 2026 and Arsenal
RansomHouse claims breach of a popular Cybersecurity Vendor, possibly Barracuda Networks
Win64PalisadeSecurity: A Modern, Novel Security Tool That Is Lightweight and Modular. It Works In Modules.
Hacker who allegedly carried out cyberattacks for China is extradited to US
eBPF secrets injection
Is CCNA worth it for a security career?
Where are security teams seeing the biggest practical gaps today?
The Hacker News
After Mythos: New Playbooks For a Zero-Window Era
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack
⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More
Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware
Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
hacking: security in practice
Microsoft's AI Agent Role Had a Scoping Bug
Cybersecurity researchers have discovered a Lua-based malware created years before Stuxnet
usajobsgov doing weird things with “immigration” related job listings
Onde Ă© esse forum?
Spoofing failed?
Is there a way to bypass BIOS password without a "system disabled" code from failed attempts?
Can I use this for some other uses ??.
MCPwned: a Burp Suite extension for auditing MCP servers
HTB Voleur Walkthrough | CPTS Preparation
The SOC Analyst Role Is Changing
BleepingComputer
Microsoft: New Remote Desktop warnings may display incorrectly
Microsoft has confirmed a new issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files.
Microsoft asks iPhone users to reauthenticate after Outlook outage
After addressing a widespread outage that affected Outlook.com users worldwide on Monday, Microsoft has asked iPhone users to re-enter their credentials to regain access to their O...
Robinhood account creation flaw abused to send phishing emails
Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their ...
GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions
A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73
Canada arrests three for operating “SMS blaster” device in Toronto
Canadian authorities have arrested three men for operating an
Alleged Silk Typhoon hacker extradited to US for cyberespionage
A Chinese national accused of carrying out cyberespionage operations for China's intelligence services has been extradited from Italy to the United States to face criminal charges.
FTC: Americans lost over $2.1 billion to social media scams in 2025
The U.S. Federal Trade Commission (FTC) warned of a massive increase in losses from social media scams since 2020, exceeding $2.1 billion in 2025.
PyPI package with 1.1M monthly downloads hacked to push infostealer
An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets.
Home security giant ADT data breach affects 5.5 million people
The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant ADT earlier this month, according to d...
Webinar: Spotting cyberattacks before they begin
On Thursday, April 30 at 2:00 PM ET, BleepingComputer will host a live webinar with threat intelligence company Flare and threat intelligence researcher Tammy Harper, exploring how...
Malware Analysis & Reports
Recently updated a authentic minecraft mod launcher called Modrinth
This appeared on scan today no downloads Vulnerabledriver:WinNT/Winring0
Ransomware is getting uglier as cybercriminals fake leaks and skip encryption entirely
New Lazarus APT Campaign: “Mach-O Man” macOS Malware Kit Hits Businesses
Save time and use Zig to write your Malware POC
Cracking CastleLoader’s Inno Setup Password
I built a C2 framework that uses Discord and Telegram for communication
fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet.
Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet
PSA: awstore.cloud is a MALICIOUS fake Claude API provider - warn your fellow devs
Proofpoint News Feed
Proofpoint Research Reveals Half of Global Organizations Experienced AI Incidents Despite Having AI Security Controls in Place
Inaugural global study finds more than half of organizations are not fully confident their AI security controls would detect compromised AI
Clear market trend for software providers to help with AI: Proofpoint CEO
Sumit Dhawan, Proofpoint CEO, joins 'Closing Bell' to discuss ServiceNow's quarterly earnings results, if Anthropic's Mythos makes incumbent players more important and much more.
Proofpoint CEO on AI Security Innovations | Nasdaq at RSAC 2026
Cargo thieving hackers running sophisticated remote access campaigns, researchers find
Freight Hacker Wields Code-Signing Service to Evade Defenses
Sumit Dhawan on NYSE Floor Talk | Proofpoint AI Security
FIFA World Cup 2026: More than One-Third of Official Partners Expose the Public to the Risk of Email Fraud
Analysis by cybersecurity company Proofpoint reveals that while most partners have implemented baseline email authentication, many are still not proactively blocking fraudulent ema...
Microsoft 365 mailbox rules abused for exfiltration, persistence
How AI is getting better at finding security holes
Anthropic announced this week that its new model found security flaws in "every major operating system and web browser." Even before the news, AI models had gotten dramatically bet...
AI Security Risks: Proofpoint CSO Ryan Kalember, Live at RSAC 2026
Watch the Fireside Below, or Click HERE: Tech Edge hosted a fireside chat on March 25 at RSA Conference 2026 in San Francisco with Ryan Kalember, Chief Strategy Officer at Proofpoi...
Blog – Forter
More of What Matters: Forter’s April Product Release
If AI Agents Can’t Find You, Do You Even Exist?
Return Policy Abuse Is Theft. It’s Time to Treat It That Way.
What Is Return Abuse and Why Is It Getting Harder to Stop?
Return Abuse Prevention Starts with the Person, Not the Policy
Shoptalk 2026: Retail in the Age of AI
Visa’s Updated VAMP Program: What Merchants Need to Know
New at Forter: Go Live in Days, Not Months
Forter and VGS Expand Partnership to Power Trusted Agentic Commerce
Unlocking Agentic Commerce for Enterprise Merchants with Forter
Reverse Engineering
Example structure for evidence-based vulnerability reports
DeepZero - Automated Vulnerability Research
rfcat-py3
Using Google's Gemma 4 E4B local AI model to Reverse Engineer a simple Crackme
/r/ReverseEngineering's Weekly Questions Thread
Importing GTA IV texture dictionary natively in Unreal
[CrackMe] PyVMP v5 : The Wall. I dare you to break it (again).
Built a tool for reverse-engineering code line-by-line (30+ languages) with vibe code AI Instead of summarizing functions, it explains *each line in context* — useful for:
Claude APK reverse engineering
NEC V810 and V830 (V800 family) CPU Definition module for Ghidra
For [Blue|Purple] Teams in Cyber Defence
goodboy-framework: 15-stage Windows malware development & analysis course in Rust. Red team builds it, blue team detects it. All 15 binaries achieved 0/76 on VirusTotal.
Reverse Engineering a Ledger Nano X Hardware Implant
TLGMapper: An IDA Pro script that parses TraceLogging metadata embedded in x64 PE binaries and resolves each event to its owning ETW provider and the function that fires it.
Bypassing Windows authentication reflection mitigations for SYSTEM
DrvEye: Static analysis & exploitation-triage toolkit for Windows kernel drivers. Discover IOCTLs, Symbolic Links, and check cert ,
GRAPH-AWARE LLM FOR WINDOWS LOGONS WITH A CLOSED-LOOP GUARDED DETECTION AGENT
M3rx ransomware: inside a new leak-site actor and Go encryptor
Eatser Bunny an APT29 implant
SharkMCP: A swiss-knife MCP server for analysing PCAP files
Kyber ransomware is not just post-quantum name-dropping
Latest news
My 5 favorite open source operating systems that aren't Linux
Looking for non-Linux open-source options? From ghosts of past operating systems to fascinating works in progress, here are my top picks.
This hidden TV feature tracks your viewing - here's how to turn it off (no matter what brand)
Samsung, LG, and Sony TVs can pose privacy risks - here's how to avoid a major one.
77% of IT managers say their AI agents are out of control - 5 ways to rein in yours
The unchecked proliferation of AI agents is leading to a large volume of unsanctioned AI applications.
GitHub Copilot shifts to usage-based pricing June 1 - why that's no surprise
Under the new approach, if you run out of credits, you can't use the service. GitHub plans to preview the new billing in early May.
This LG portable projector comes with a free soundbar - and we highly recommend it
The CineBeam Q is a high-quality portable projector, and with this deal and a free LG S40T soundbar, you can make it a permanent addition to your home theater.
T-Mobile will give you $200 for switching to them - seriously
Get a $200 prepaid Mastercard when you bring your device and old number to T-Mobile. We break down the deal.
I tried this Bluetti power station with wheels - now every other charger feels outdated
The Bluetti Elite 400 has something that you don't see on many power stations, and it can charge just about anything.
Samsung Wallet just got a travel feature that I hope Google Wallet copies ASAP
This is a pretty big perk for Galaxy users since there's nothing like it built into Android.
6 MacOS settings I immediately change on every new Mac - and why
Out of the box, MacOS is pretty user-friendly and flexible. Still, I make these tweaks right away to make it even better.
I used a $4 timer to reboot my router, and it actually made my internet faster
I've tried so many different ways to reboot my router, and it turns out the best solution costs barely anything.
Technical Information Security Content & Discussion
[ Removed by Reddit ]
Why a Decade of Writing Detection Logic Makes the Mythos Exploit Numbers Less Scary
MCPwned: a Burp Suite extension for auditing MCP servers
Attempting to evade an AI SOC with offensive agents
Large-scale security audit of 1,764 "vibe-coded" apps: 7% have wide-open Supabase DBs, 15% of Bolt apps ship hardcoded API keys, plus IDOR and zero-auth APIs
Media player pivot: How I got back into my own server
Cohere Terrarium (CVE-2026-5752) and OpenAI Codex CLI (CVE-2025-59532): a cross-CVE analysis of AI code sandbox escapes
What Really Happened In There? A Tamper-Evident Audit Trail for AI Agents
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain ...
CVE-2026-34621: Adobe Acrobat Reader zero-day was on VirusTotal for 136 days before Adobe named it a CVE
Security - Ars Technica
Open source package with 1 million monthly downloads stole user credentials
Why are top university websites serving porn? It comes down to shoddy housekeeping.
In a first, a ransomware family is confirmed to be quantum-safe
Crypto scam lures ships into Strait of Hormuz, falsely promising safe passage
Microsoft issues emergency update for macOS and Linux ASP.NET threat
Mozilla: Anthropic's Mythos found 271 security vulnerabilities in Firefox 150
Contrary to popular superstition, AES 128 is just fine in a post-quantum world
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"
Recent advances push Big Tech closer to the Q-Day danger zone
"TotalRecall Reloaded" tool finds a side entrance to Windows 11's Recall database
The Record from Recorded Future News
Supreme Court signals location data searches should require a warrant
Tennessee becomes second state to ban cryptocurrency ATMs over scam concerns
Money launderer for crypto thieves given 5-year sentence
Disinformation campaign targeted Tibetan parliament-in-exile elections
Italy extradites alleged Chinese state hacker to US
Security Latest
Cole Allen Charged With Attempting to Assassinate Trump
California Engineer Identified in Suspected Shooting at White House Correspondents’ Dinner
Discord Sleuths Gained Unauthorized Access to Anthropic’s Mythos
The Latest Push to Extend Key US Spy Powers Is Still a Mess
Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet
AI Tools Are Helping Mediocre North Korean Hackers Steal Millions
Mozilla Used Anthropic’s Mythos to Find and Fix 271 Bugs in Firefox
Meta Is Sued Over Scam Ads on Facebook and Instagram
They Built a Legendary Privacy Tool. Now They’re Sworn Enemies
The Weird, Twisting Tale of How China Spied on Alysa Liu and Her Dad
MSRC Security Update Guide
CVE-2026-26149 Microsoft Power Apps Desktop Client Spoofing Vulnerability
CVE-2026-32202 Windows Shell Spoofing Vulnerability
CVE-2018-0734 Timing attack against DSA
CVE-2018-0735 Timing attack against ECDSA signature generation
CVE-2026-23372 nfc: rawsock: cancel tx_work before socket teardown
CVE-2026-23371 sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting
CVE-2026-23370 platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data
CVE-2026-23368 net: phy: register phy led_triggers during probe to avoid AB-BA deadlock
CVE-2026-23367 wifi: radiotap: reject radiotap with unknown bits
CVE-2026-23365 net: usb: kalmia: validate USB endpoints
Cisco Security Advisory
Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
On April 23, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an update to V1: Emergency Directive (ED) 25-03: Identify and Mitigate Potential Compromi...
Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability
A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, remote attacker to re...
Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow a remote attacker to conduct a cross-site scripting (XSS)...
Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to execute arbitrary co...
Cisco Catalyst SD-WAN Vulnerabilities
Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an attacker to access an affected system, elevate privileges to root, gain access to...
Cisco Webex Services Certificate Validation Vulnerability
A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user w...
Cisco Secure Web Appliance Authentication Bypass Vulnerability
A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authenticat...
Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to achieve remote ...
Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, local attacker with administrati...
Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative write privi...
Alerts
CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog
​​Supply Chain Compromise Impacts Axios Node Package Manager​
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog
All CISA Advisories
CISA Adds Four Known Exploited Vulnerabilities to Catalog
Carlson Software VASCO-B GNSS Receiver
Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera
CISA Adds One Known Exploited Vulnerability to Catalog
FIRESTARTER Backdoor
Yadea T5 Electric Bicycle
Defending Against China-Nexus Covert Networks of Compromised Devices
Milesight Cameras
SpiceJet Online Booking System
Intrado 911 Emergency Gateway (EGW)
WeLiveSecurity
The calm before the ransom: What you see is not all there is
GopherWhisper: A burrow full of malware
New NGate variant hides in a trojanized NFC payment app
What the ransom note won’t say
That data breach alert might be a trap
Supply chain dependencies: Have you checked your blind spot?
Recovery scammers hit you when you’re down: Here’s how to avoid a second strike
As breakout time accelerates, prevention-first cybersecurity takes center stage
Digital assets after death: Managing risks to your loved one’s digital estate
This month in security with Tony Anscombe – March 2026 edition
Securelist
PhantomRPC: A new privilege escalation technique in Windows RPC
Kaspersky researcher discovered a vulnerability in RPC architecture that enables an attacker to create a fake RPC server and escalate their privileges.
FakeWallet crypto stealer spreading through iOS apps in the App Store
In March 2026, we uncovered more than twenty phishing apps in the Apple App Store masquerading as popular crypto wallets.
Threat landscape for industrial automation systems in Q4 2025
The report contains industrial threat statistics for Q4 2025. It covers various infection vectors and malware types, as well as regional statistics and statistics by industry.
JanelaRAT: a financial threat targeting users in Latin America
Kaspersky GReAT experts describe the latest JanelaRAT campaign detailing infection chain and malware functionality updates.
The long road to your crypto: ClipBanker and its marathon infection chain
Threat actors are distributing a Trojan disguised as Proxifier software; through a multi-stage infection chain, it delivers ClipBanker – malware that replaces cryptocurrency wallet...
Financial cyberthreats in 2025 and the outlook for 2026
In this report, Kaspersky experts share their insights into the 2025 financial threat landscape, including regional statistics and trends in phishing, PC malware, and infostealers.
A laughing RAT: CrystalX combines spyware, stealer, and prankware features
Kaspersky researchers analyze a new CrystalX RAT distributed as MaaS and featuring extensive spyware, stealer, and prankware capabilities.
An AI gateway designed to steal your data
Dissecting the supply chain attack on LiteLLM, a multifunctional gateway used in many AI agents. Explaining the dangers of the malicious code and how to protect yourself.
Coruna: the framework used in Operation Triangulation
Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and CVE-2023-38606 is an updated version of the...
Anatomy of a Cyber World Global Report 2026
The Kaspersky Security Services report describes cyberattack trends and statistics revealed by the Managed Detection and Response service. The report also includes Incident Respons...
Recorded Future
From Overwhelmed to Autonomous: Rethinking Threat Intelligence in 2026
For most security teams today, volume and access to intelligence isn’t the problem. It’s the speed at which they can turn that intelligence into action. .
The Iran War: What You Need to Know
Insikt Group tracks the cyber, physical, and geopolitical components of the US-Israeli strikes on Iran — with continuously updated threat analysis and scenarios.
Critical minerals and cyber operations
Learn how critical minerals and rare earth elements (REEs) are evolving from commodities into strategic flashpoints. Explore the geopolitical risks of China’s refining dominance, t...
Today, trust is the superpower that makes innovation possible
How better intelligence and collaboration can unlock new opportunities for growth and greater financial health for more people.
Evolution of Chinese-Language Guarantee Telegram Marketplaces
Chinese-language, Telegram-based “guarantee” marketplaces are increasingly popular among Chinese-speaking criminal groups despite the widely publicized shutdown of Huione Guarantee...
AI Hype vs. Reality: Is AI Really Rewriting the Vulnerability Equation?
AI vulnerability research and discovery capabilities are improving, but they have not changed the fundamentals of vulnerability management.
Emerging Enterprise Security Risks of AI
Agentic AI adoption is accelerating rapidly as enterprise software and applications increasingly incorporate task-specific AI agents, enabling autonomous execution of complex tasks...
4 Essential Integration Workflows for Operationalizing Threat Intelligence Recorded Future
Learn how to integrate threat intelligence into your existing security stack with Recorded Future. Explore four stages of cyber maturity, four key integration workflows, and practi...
From Bazooka to Fake Nikes
A deep dive into business impersonation fraud — from fake companies cashing stolen checks to AI-powered shopping scams — and why the same vulnerability enables both.
Your Supply Chain Breach Is Someone Else's Payday
A supply chain attack by TeamPCP compromised trusted software tools to harvest credentials at scale, enabling payroll fraud, logistics theft, and ransomware extortion.
Fraud Prevention – Riskified
Agentic commerce: harness it, don’t outsource it
ZDI: Upcoming Advisories
ZDI-CAN-29143: Apple
Microsoft 365 Blog
Copilot’s agentic capabilities in Word, Excel, and PowerPoint are generally available
Copilot's newest features are now generally available as the default experience across all Microsoft 365 subscriptions.
Bring your everyday business apps into the flow of work with agents in Microsoft 365 Copilot
Discover how apps integrate with AI agents to power Copilot experiences, streamline workflows, and turn business context into action.
New and improved: Multi-agent orchestration, connected experiences, and faster prompt iteration
Explore what's new in Copilot Studio: Multi-agent systems now generally available, plus updates to the Prompt Editor and governance controls.
Copilot Cowork: Now available in Frontier
Today, Copilot Cowork—designed for long-running, multi-step work in Microsoft 365—is available via the Frontier program.
Copilot Cowork: A new way of getting work done
Copilot Cowork turns intent into action across Microsoft 365—automating tasks, coordinating workflows, and keeping you in control. See how.
Powering Frontier Transformation with Copilot and agents
Wave 3 of Microsoft 365 Copilot introduces Copilot Cowork, multi‑model intelligence, and enterprise‑ready AI—built to get real work done.
SharePoint at 25: How Microsoft is putting knowledge to work in the AI era
Discover how SharePoint’s 25‑year legacy powers Microsoft 365 Copilot, Work IQ, and AI‑driven knowledge for organizations worldwide.
Microsoft Sovereign Cloud adds governance, productivity, and support for large AI models securely running even when completely disconnected
The ultimate Microsoft 365 community event returns—your front‑row seat to the future of intelligent work
Join the ultimate Microsoft 365 community event with fresh insights, AI innovations, and a front‑row look at the future of intelligent work.
6 core capabilities to scale agent adoption in 2026
Learn six capabilities to support agent adoption at scale in 2026 with Microsoft Copilot Studio, from governance and security to operations.
Microsoft Security Blog
AI-powered defense for an AI-accelerated threat landscape
Read how Microsoft is partnering with Anthropic and broader industry to use leading models, paired with our platforms and expertise, to turn AI-driven discovery into protection at ...
Detection strategies across cloud and identities against infiltrating IT workers
The shift to remote and hybrid work since the pandemic expanded global hiring and accelerated digital onboarding, increasing reliance on online identity verification and remote acc...
Making opportunistic cyberattacks harder by design
How Microsoft secures Dynamics 365 and Power Platform by removing credentials, reducing attack surfaces, and using platform engineering to block opportunistic threats.
Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook
Threat actors are abusing external Microsoft Teams collaboration to impersonate IT helpdesk staff and convince users to grant remote access. Once inside, attackers can abuse legiti...
Containing a domain compromise: How predictive shielding shut down lateral movement
Domain compromise accelerates fast. Predictive shielding slowed it down. This real-world attack shows how exposure-based containment stopped credential abuse and broke the threat a...
Building your cryptographic inventory: A customer strategy for cryptographic posture management
Learn how to build a comprehensive cryptographic inventory and strengthen quantum‑safe readiness using Microsoft Security tools, best‑practice lifecycle models, and partner solutio...
Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise
The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North Korean threat actor Sapphire Sleet that abuses user driven ...
Incident response for AI: Same fire, different fuel
AI changes how incidents unfold and how we respond. Learn which IR practices still apply and where new telemetry, tools, and skills are needed.
The agentic SOC—Rethinking SecOps for the next decade
In the SOC of the future, autonomous defense moves at machine speed, agents add context and coordination, and humans focus on judgment, risk, and outcomes.
Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees
Microsoft Incident Response – Detection and Response Team (DART) researchers observed an emerging, financially motivated threat actor, tracked as Storm-2755, compromising Canadian ...
CISA Cybersecurity Advisories
Defending Against China-Nexus Covert Networks of Compromised Devices
Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure
CISA Shares Lessons Learned from an Incident Response Engagement
Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System
CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization
#StopRansomware: Interlock
Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider
Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations
Russian GRU Targeting Western Logistics Entities and Technology Companies
Krebs on Security
‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty
A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert ...
Patch Tuesday, April 2026 Edition
Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-d...
Russia Hacked Routers to Steal Microsoft Office Tokens
Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security e...
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Rus...
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wi...
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three...
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Mich...
Microsoft Patch Tuesday, March 2026 Edition
Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this mo...
How AI Assistants are Moving the Security Goalposts
AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any task -- are growing in popular...
Who is the Kimwolf Botmaster “Dort”?
In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's largest and most disruptive botne...
Heimdal Security Blog
Heimdal Expands AI Strategy with AI Wingman and Third-Party AI Containment
Heimdal today unveiled the next phase of its AI strategy, expanding AI Wingman with three new layers - Assist, Triage and SOC - alongside the introduction of Third-Party AI Contain...
You Only Know What You’ve Got When Its Gone
Prepare for the expected. Rehearse an action plan in case of technology failure or cyberattacks. We all know they can happen.
Nordic MSPs Can Now Access Heimdal’s Unified Security and Compliance Platform Through Elovade
Heimdal has appointed Elovade as its official distributor in the Nordic region. The move gives MSPs and resellers across Sweden, Norway, Denmark, Iceland, and Finland direct access...
OpenClaw Incidents Show Why AI Adoption Pressure Puts Companies at Risk
The OpenClaw security failures show how hasty AI adoption can expose businesses and supply chains to major cyber risk.
Heimdal Claims Industry First With a Cyber Essentials Control Mapping for PEDM to Help Organisations Prove Least Privilege
Heimdal is the first vendor to publish a dedicated Cyber Essentials control mapping for PEDM, setting out how privilege management supports Cyber Essentials requirements and what e...
Five Predictions for Cyber Security Trends in 2026
Morten Kjaersgaard, Heimdal’s Founder, and Adam Pilton, a former cybercrime investigator, predict five cyber security trends for 2026. 
Heimdal Achieves OPSWAT Gold Certification for Anti-Malware
Heimdal today announced that its Next-Gen Antivirus (NGAV) with Extended Threat Protection (XTP) has achieved OPSWAT Gold Certification for Anti-Malware, validating its compatibili...
How to Avoid Holiday Shopping Scams (From a Former Cyber Detective)
Worried about holiday scams? Ex-cybercrime detective Adam Pilton breaks down the biggest threats and how to shop safely this festive season.
ITDR Best Practices: How to Detect, Prevent, and Contain Critical Identity Threats
Key takeaways: ITDR solutions monitor identity-based threats that traditional security tools miss, like hackers logging in with stolen credentials Effective ITDR requires integrati...
When Buyers Discount MSPs With One Big Customer
Your biggest customer loves you. Three years together. They trust you, pay on time, and refer others. From where you sit, that’s loyalty. From where a buyer sits, that’s a $$$ disc...
Trend Micro Research, News, Perspectives
Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories
Our research on Void Dokkaebi’s operations uncovered a campaign that turns infected developer repositories into malware delivery channels. By spreading through trusted workflows, o...
Identity Protection in the AI Era
U.S. Public Sector Under Siege: Threat Intelligence for Q1 2026
Claude Code Packaging Error Remains a Lure in an Active Campaign: What Defenders Should Do
Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads
TrendAI Insight: New U.S. National Cyber Strategy
Explore the White House National Cyber Strategy and its six pillars to strengthen U.S. cybersecurity—covering deterrence, regulation, federal modernization, critical infrastructure...
The Real Risk of Vibecoding
Axios NPM Package Compromised: Supply Chain Attack Hits JavaScript HTTP Client with 100M+ Weekly Downloads
TrendAIℱ Research at RSAC 2026: Advancing Defense Across AI‑Driven and Cyber‑Physical Threats
TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM
Blog Articles - Identity Insights | Trulioo
Business Fraud at Network Scale: What the $3.5B Medicare Hospice Crisis Reveals About Know Your Business
What is Customer Due Diligence (CDD)
Why Legacy Identity Verification Can’t Stop AI-Enabled Fraud
AML, KYC and Identity Verification in Australia
When Fraud Becomes Background Noise: The Industrialization of Digital Deception
The Efficiency Era of KYC: Reverification and Reusable Identity Take Center Stage
The End of Static KYB: Business Identity in Constant Motion
Know Your Agent: The Next Chapter in Digital Trust
When Rules Move Faster Than Readiness: Regulatory Adaptability as a Competitive Advantage
Digital Identity Trends 2026: AI Fraud, Compliance, and Orchestration
Security | Microsoft Azure Blog | Microsoft Azure
Azure IaaS: Keep critical applications running with built-in resiliency at scale
Learn how Azure IaaS helps organizations start from a resilient platform foundation with availability, continuity, and recovery capabilities.
Azure IaaS: Explore new resources for building a stronger, more efficient infrastructure
Learn how Azure IaaS helps you modernize infrastructure, improve performance and resilience, optimize costs, and prepare for AI workloads. Read more.
Azure reliability, resiliency, and recoverability: Build continuity by design
Learn how Azure reliability, resiliency, and recovery capabilities work together to improve cloud continuity. Read more.
Microsoft strengthens sovereign cloud capabilities with new services
Discover new Microsoft digital sovereignty capabilities and upcoming features across AI, security, and productivity, to address sovereign cloud needs.
Enhancing software supply chain security with Microsoft’s Signing Transparency
Microsoft Signing Transparency delivers verifiable code integrity and tamper-evident software releases for stronger supply chain security.
Oracle Database@Azure offers new features, regions, and programs to unlock data and AI innovation
Migrate Oracle solutions to the cloud with a trusted, enterprise-ready platform from Microsoft and Oracle. Learn more.
Building secure, scalable AI in the cloud with Microsoft Azure
Forrester Research shows how Azure helps enterprises scale generative AI securely, unlocking real business value. Learn more.
Enhance AI security with Azure Prompt Shields and Azure AI Content Safety
Learn how Prompt Shields and Azure AI Content Safety can help guard against direct and indirect threats to your LLM-based solution.
Navigating the 2024 holiday season: Insights into Azure’s DDoS defense
Learn more on how Azure DDoS is keeping you prepared for this years trends in advanced attack tactics to keep your data secure.
6 insights to make your data AI-ready, with Accenture’s Teresa Tung
Learn more about the changing nature of data and its value to an AI strategy with Teresa Tung.
Threatpost
Student Loan Breach Exposes 2.5M Records
2.5 million people were affected, in a breach that could spell more trouble down the line.
Watering Hole Attacks Push ScanBox Keylogger
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
Ransomware Attacks are on the Rise
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
Twitter Whistleblower Complaint: The TL;DR Version
Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
Firewall Bug Under Active Attack Triggers CISA Warning
CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
Fake Reservation Links Prey on Weary Travelers
Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
iPhone Users Urged to Update to Patch 2 Zero-Days
Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
Google Patches Chrome’s Fifth Zero-Day of the Year
An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.