2026-03-03 | Microsoft | Microsoft
Signed malware impersonating workplace apps deploys RMM backdoors
TrustConnect RAT
2026-03-02 | Microsoft | Microsoft Defender Security Research Team
OAuth redirection abuse enables phishing and malware delivery
2026-02-24 | Microsoft | Microsoft Defender Experts
Developer-targeting campaign using malicious Next.js repositories
2026-01-20 | Jamf Blog | Thijs Xhaflaire
Threat Actors Expand Abuse of Microsoft Visual Studio Code
2026-01-14 | Microsoft | Microsoft Threat Intelligence
Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations
2025-12-01 | LinkedIn (Microsoft) | Microsoft Threat Intelligence
Post about Phishing Campaign pushing XWorm
XWorm TA584
2025-11-28 | OpenSourceMalware | OpenSourceMalware
"Contagious Interview" campaign abuses Microsoft VSCode tasks to drop malware and gain persistence
BeaverTail InvisibleFerret
2025-10-09 | Microsoft | Microsoft Threat Intelligence
Investigating targeted “payroll pirate” attacks affecting US universities
Storm-2657
2025-10-06 | Microsoft | Microsoft Threat Intelligence
Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability
Medusa Storm-1175
2025-09-05 | Kroll | Dave Truman, Marc Messer
FANCY BEAR GONEPOSTAL – Espionage Tool Provides Backdoor Access to Microsoft Outlook
GONEPOSTAL
2025-07-31 | Microsoft | Microsoft Threat Intelligence
Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats
ApolloShadow
2025-07-22 | Microsoft | Microsoft Threat Intelligence
Disrupting active exploitation of on-premises SharePoint vulnerabilities
Storm-2603
2025-07-08 | Koi Security | Idan Dardikman
Google and Microsoft Trusted Them. 2.3 Million Users Installed Them. They Were Malware.
2025-07-04 | The Hacker News | Ravie Lakshmanan
NightEagle APT Exploits Microsoft Exchange Flaw to Target China's Military and Tech Sectors
NightEagle
2025-06-30 | Microsoft | Microsoft Threat Intelligence
Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations
2025-05-29 | Microsoft | Igor Sakhnov
Defending against evolving identity attack techniques
APT35
2025-05-27 | Microsoft | Microsoft Threat Intelligence
New Russia-affiliated actor Void Blizzard targets critical sectors for espionage
Void Blizzard
2025-05-21 | Microsoft | Steven Masada
Disrupting Lumma Stealer: Microsoft leads global action against favored cybercrime tool
Lumma Stealer
2025-05-20 | Europol | Europol
Europol and Microsoft disrupt world’s largest infostealer Lumma
Lumma Stealer
2025-05-19 | CSA | Ahmad Abdillah
Reversing a Microsoft-Signed Rootkit: The Netfilter Driver
NetfilterRootkit