Ghost-Sender Spoofing
Ghost-Sender shows how Exchange Online tenants with external MX gateways can receive…
Nimbus RAT Teams Vishing
Nimbus RAT now rides a Teams vishing and Quick Assist chain. See…
DesckVB RAT Malspam
DesckVB RAT malspam abuses DoubleClick redirects before dropping a ZIP, script loader,…
Netlogon CVE-2026-41089 RCE
CVE-2026-41089 is now reported as actively exploited. Patch Windows Server domain controllers…
mshta.exe Malware Removal: Blank Window and Scheduled Task Fix
If mshta.exe keeps opening blank windows or security tools block its outbound…
Microsoft Account Hacked? Scan Malware Before Password Reset
Microsoft account hacked after malware? Scan or clean the PC before changing…
Safety Scanner Result Guide
Microsoft Safety Scanner can show infected files during a scan but finish…
Storm-2949 SSPR Abuse: From MFA Prompt to Cloud-Wide Breach
Microsoft says Storm-2949 abused Self-Service Password Reset and MFA social engineering to…
Fox Tempest Signed Malware Service: Why Valid Signatures Are Not Enough
Microsoft says Fox Tempest operated a malware-signing service. Learn why signed malware…
MiniPlasma Windows Zero-Day PoC Gives Local Users SYSTEM Access
A public MiniPlasma proof-of-concept shows local privilege escalation to SYSTEM on fully…
Device Code Phishing: Microsoft Login Trap and Token Theft
Device code phishing uses a real Microsoft login page to authorize an…
Microsoft Details Kazuar Botnet Used by Secret Blizzard
Microsoft published a technical analysis of Kazuar, a modular Secret Blizzard botnet…
