Stay updated on Microsoft's security innovations, latest threats, and best practices in information protection on our dedicated cybersecurity tag.
Search across headline titles and summaries.
Background for this topic.
Microsoft is a multinational technology company known for its software, hardware, and cloud services. In the context of information security, attention to Microsoft is essential since its products, including Windows operating systems, Office suite, and Azure cloud services, are widely used across personal and enterprise environments, making them a frequent target for cyber threats.
Microsoft's information security implications involve the management of vulnerabilities, implementation of security updates, and the development of advanced protection mechanisms to safeguard against malware, ransomware, phishing attacks, and other cyber threats. Additionally, Microsoft provides a range of security tools and services designed to improve the security posture of organizations, emphasizing identity and access management, threat protection, information protection, and security management.
The focus here extends to news about Microsoft's security updates, advisories, breach incidents involving Microsoft products, as well as innovative security technologies released by the company. Staying informed on Microsoft-related security news helps users and administrators maintain robust defenses in a landscape where threats continually evolve to exploit any weaknesses in popular systems and services.
Weekly headline count for the current query.
Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows Defender.
Healthcare Sector AI Expansion Raises Questions on Governance, Privacy and SafetyMayo Clinic and Microsoft are planning a new healthcare-specific frontier artificial intelligence model that aims to help clinicians make earlier diagnoses and deliver more personalized treatments to their patients. The clinic plans to make the new model available to patients and doctors.
A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voice assistant on Android and made it open a victim's connected windows, fake a message from their boss, push the phone into a Zoom call, or quietly poison its long-term memory
A disabled security setting meant to protect authentication across Android versions of key apps like Word, PowerPoint, and Excel paved the way for attackers to steal logins and data.
A development flag left switched on in production builds of several Microsoft 365 Android apps disabled the check that limits account-token sharing to trusted Microsoft apps
Researchers follow in Nightmare Eclipse’s footsteps, flipping off Redmond in favor of insta-leaks
Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user's GitHub token
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first flaw added to the catalog, tracked […]
Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user's NTLMv2 hash to the attacker
A threat actor got a near-continuous view into an influential finance executive's email inbox, thanks to clever use of legitimate, native Windows tools.
Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora
A large-scale npm supply chain attack compromised over 90 versions of @redhat-cloud-services packages, silently infecting CI/CD environments and developer systems. The malicious code steals credentials from GitHub, cloud platforms, and local machines, then spreads like a worm by republishing trusted packages. Discover how the attack works, what data is at risk, and the steps you can take to protect your organization. The post Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign appeared first on Microsoft Security Blog.
Microsoft announced today at its Build 2026 developer conference the release of Coreutils for Windows, bringing many commonly used Linux command-line utilities to Windows as native applications. [...]
Once targeting just Microsoft 365, the phishing-as-a-service platform now aims at AWS, Okta, and Russian platforms, while relying on device code phishing.
Microsoft is working to address a widespread service issue affecting the mail flow pipeline for Exchange Online customers across North America and Germany. [...]
Following days of criticism from the security community, Redmond dials back rhetoric, insists vulnerability hunters not in its legal crosshairs
After a disgruntled security researcher published several zero-day exploits in recent weeks, Microsoft seemingly indicated criminal charges were in order.
Microsoft says an ongoing incident is preventing users of its Teams collaboration platform and Office for the web cloud-based productivity suite from opening files. [...]
The Centre for Cybersecurity Belgium (CCB), the country's national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recently patched critical Windows Netlogon vulnerability in attacks. [...]
Microsoft is working to address an ongoing incident preventing customers from setting up multi-factor authentication (MFA) or accessing the My Sign-Ins platform. [...]