An ongoing phishing campaign abuses a little‑known feature in Microsoft 365 called "Direct Send" to evade detection by email ...

New research shows 9% of Microsoft Entra SaaS apps are vulnerable to nOAuth abuse, allowing full account takeovers.

Semperis estimates that at least 15,000 enterprise SaaS applications are still vulnerable to a flaw discovered in 2023 ...

With end of support scheduled for October 2025, Windows 10 users will be able to continue receiving important security ...

The defense strategy stems from the company’s longtime expertise in cybersecurity, ranging from its AI Red Team attacking its own products to the Microsoft Security Response Center researching and ...

A new investigative report from HIPAA compliant email provider Paubox has exposed a hidden security failure in Microsoft 365 and Google Workspace, two of the most widely used email platforms. Despite ...

Ever since it was announced in October 2021, Microsoft has struggled to encourage PC owners to switch to Windows 11. Despite ...

Microsoft’s partnership with OpenAI is complicated, and the pair are intertwined both technologically and financially. While ...

Microsoft is adding new default security settings to Windows 365 Cloud PCs, disabling redirections & enabling VBS, Credential ...

LLM-based AI agents are introducing a new class of vulnerabilities, where attackers inject malicious instructions into data, ...

Researchers from Positive Technologies recently unveiled a new study on a keylogger-based campaign targeting organizations worldwide. The campaign, which resembles a similar attack discovered in 2024, ...

Out-of-band has been getting out of hand in recent times, as Microsoft has scrambled to deal with a relentless succession of ...