ARTICLE SEARCH
Threat Feed Query: Search all aggregated security articles by keywords, CVE IDs and sources.
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a "false flag" operation. The atta
Microsoft vulnerabilities: fewer flaws, more risk
The total number of Microsoft vulnerabilities falls by six percent. Critical risks in cloud and enterprise platforms have doubled year over year.
China-Aligned SHADOW-EARTH-053 Exploits Exchange Servers to Deploy ShadowPad Malware
A China-aligned threat group tracked as SHADOW-EARTH-053 has been exploiting unpatched Microsoft Exchange Server vulnerabilities to conduct cyberespionage against government and defense-linked targets across Asia and bey
The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed
Every AI tool, workflow automation, and productivity app your employees connected to Google or Microsoft this year left something behind: a persistent OAuth token with no expiration date, no automatic cleanup, and in mos
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that hijacks the Microsoft Phone Link connection to steal sensitive codes from mobile devices. [...]
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct users to attacker-controlled domains and
CVE-2025-58074
Currently trending CVE - Hype Score: 1 - A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation pr
Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
Microsoft Defender Research observed a large-scale credential theft campaign that exemplifies this trend, using code of conduct-themed lures, a multi-step attack chain, and legitimate email services to distribute fully a
CVE-2025-58074 - Norton Secure VPN Microsoft Store Privilege Escalation Vulnerability
CVE ID: CVE-2025-58074 | Published: May 4, 2026, 2:16 p.m. (2 hours, 4 minutes ago) | Description: A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A lo
Incident at DigiCert: malware authors stole certificates
First, criminals infected customer support staff with malware, then they stole more than twenty certificates. The CA has responded. Has Microsoft as well?
Security vulnerability in Microsoft Defender is being actively exploited
An actively exploited security vulnerability in Microsoft Defender allows local privilege escalation up to SYSTEM privileges. Affected builds should be checked and updated quickly. And in Entra ID as well
What’s new, updated, or recently released in Microsoft Security
Stay ahead of emerging threats with Microsoft’s newest security innovations and updates, delivered through the In the Loop series. The post What’s new, updated, or recently released in Microsoft Security appeared first o
Email threat landscape: Q1 2026 trends and insights
In early 2026, email threats increased with a rise in credential phishing, QR code phishing, and CAPTCHA-gated campaigns, highlighted by Microsoft’s disruption of the Tycoon2FA phishing platform which led to a 15% volume
Microsoft won’t patch PhantomRPC: Feature or bug?
A researcher has detailed five ways to exploit PhantomRPC, which Microsoft rates “moderate” and does not plan to fix.
CISA Warns Microsoft Windows Shell 0-click Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical zero-day vulnerability in Microsoft Windows. On April 28, 2026, the agency officially added this security flaw
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based o
U.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc
New CEO at Ontinue pushes Agentic SOC forward
Ontinue appoints Moritz Mann as CEO and pushes ahead with Agentic SOC, with AI agents, MXDR and Microsoft integration for faster security operations.
New BlobPhish Attack Leverages Browser Blob Objects to Steal Users’ Login Credentials
A sophisticated, memory-resident phishing campaign called BlobPhish, active since October 2024, that exploits browser Blob URL APIs to silently steal credentials from Microsoft 365 users, major U.S. banks, and financial
New Windows 0-Click Vulnerability Exploited to Bypass Defender SmartScreen
A critical zero-click authentication coercion vulnerability, tracked as CVE-2026-32202, stems from an incomplete patch for a Windows Shell security feature bypass actively weaponized by the Russian APT28 threat group.