Exchange Server CVE-2026-42897 Exploited Through Crafted OWA Email
Microsoft says Exchange Server CVE-2026-42897 has exploitation detected. The current protection path…
KongTuke Uses Microsoft Teams Help-Desk Lures to Drop ModeloRAT
KongTuke moved from web-based ClickFix lures into external Microsoft Teams chats, using…
YellowKey BitLocker Bypass PoC Targets TPM-Only Windows 11 Drives
A public YellowKey proof-of-concept claims a BitLocker bypass path on Windows 11…
Microsoft Word Preview Pane RCE Bugs Put Outlook Users at Risk
Microsoft patched two critical Word RCE bugs where the Preview Pane is…
Operation HookedWing Phishing Hit 500+ Organizations
Operation HookedWing used GitHub Pages, compromised servers, and staged redirects to target…
Microsoft Account Locked: Recovery Steps and Scam Checks
If your Microsoft account is locked, use official Microsoft recovery tools, verify…
Microsoft AiTM Phishing Targeted 35,000 Users
Microsoft says a code-of-conduct phishing campaign targeted 35,000 users with PDF lures,…
CloudZ Malware Abuses Microsoft Phone Link to Steal OTPs
Cisco Talos says CloudZ RAT and its Pheno plugin target Microsoft Phone…
MuddyWater Uses Microsoft Teams Phishing in Chaos Ransomware Masquerade
Rapid7 says MuddyWater used Microsoft Teams social engineering, remote tools, stolen credentials,…
CVE-2025-24071 Windows File Explorer Spoofing Vulnerability Uncovered, Patch Now
Microsoft uncovered the information about a critical vulnerability in Windows File Explorer,…
Microsoft Pop-up Scam
Seeing a Microsoft Account Locked browser pop-up with a phone number? It…
Windows Defender Security Center Scam: Remove the Fake Alert
Windows Defender Security Center scam pop-ups imitate Microsoft alerts and push fake…
