CISA added a Microsoft SharePoint RCE flaw to its exploited bugs catalog after confirming active attacks on unpatched servers.
The malware program has been deployed across multiple sectors since April, helping to provide initial access sold to ransomware gangs.
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Separate actors exploited the same exposure, creating overlapping intrusions that obscured detection and response.
A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware named Plenet and AgentPSD. An investigation ...
Microsoft restored Teams and Office for the web file access after a June 1 outage, but the root cause remained unclear. IT teams should verify tenant impact and fallback paths. A Microsoft Teams file ...
Users are reporting problems with Microsoft's AI tool Copilot June 1, according to DownDetector. The majority of users are reporting problems using the app. Microsoft said it was investigating the ...
Credential theft fell to 13% of breach vectors in 2026. Attackers now bypass MFA via help desk resets and OAuth token theft. Five attack surfaces mapped.
Microsoft rolled out an out-of-band patch for a remote code execution vulnerability in SharePoint Server that any authenticated attacker can potentially exploit without requiring administrator or ...
GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
Having trouble accessing your emails this Monday morning? You're not alone. Microsoft Outlook users started experiencing outages as early as 4 a.m. ET on Monday, April 27, according to the online ...