2026-04-07 · Microsoft · Microsoft Threat Intelligence
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks
2026-03-11 · Microsoft · Microsoft Defender Experts, Microsoft Defender Security Research Team
Contagious Interview: Malware delivered through fake developer job interviews
BeaverTail OtterCookie StoatWaffle InvisibleFerret PylangGhost GolangGhost Contagious Interview
2026-03-06 · Microsoft · Microsoft Threat Intelligence
AI as tradecraft: How threat actors operationalize AI
OtterCookie
2026-03-03 · Microsoft · Microsoft
Signed malware impersonating workplace apps deploys RMM backdoors
TrustConnect RAT
2026-03-02 · Microsoft · Microsoft Defender Security Research Team
OAuth redirection abuse enables phishing and malware delivery
2026-02-24 · Microsoft · Microsoft Defender Experts
Developer-targeting campaign using malicious Next.js repositories
StoatWaffle
2026-01-20 · Jamf · Thijs Xhaflaire
Threat Actors Expand Abuse of Microsoft Visual Studio Code
StoatWaffle
2026-01-14 · Microsoft · Microsoft Threat Intelligence
Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations
2025-12-01 · LinkedIn (Microsoft) · Microsoft Threat Intelligence
Post about Phishing Campaign pushing XWorm
XWorm TA584
2025-11-28 · OpenSourceMalware · OpenSourceMalware
"Contagious Interview" campaign abuses Microsoft VSCode tasks to drop malware and gain persistence
BeaverTail InvisibleFerret
2025-10-09 · Microsoft · Microsoft Threat Intelligence
Investigating targeted “payroll pirate” attacks affecting US universities
Storm-2657
2025-10-06 · Microsoft · Microsoft Threat Intelligence
Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability
Medusa Storm-1175
2025-09-05 · Kroll · Dave Truman, Marc Messer
FANCY BEAR GONEPOSTAL – Espionage Tool Provides Backdoor Access to Microsoft Outlook
GONEPOSTAL
2025-07-31 · Microsoft · Microsoft Threat Intelligence
Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats
ApolloShadow
2025-07-22 · Microsoft · Microsoft Threat Intelligence
Disrupting active exploitation of on-premises SharePoint vulnerabilities
Storm-2603
2025-07-08 · Koi Security · Idan Dardikman
Google and Microsoft Trusted Them. 2.3 Million Users Installed Them. They Were Malware.
2025-07-04 · The Hacker News · Ravie Lakshmanan
NightEagle APT Exploits Microsoft Exchange Flaw to Target China's Military and Tech Sectors
NightEagle
2025-06-30 · Microsoft · Microsoft Threat Intelligence
Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations
2025-05-29 · Microsoft · Igor Sakhnov
Defending against evolving identity attack techniques
APT35
2025-05-27 · Microsoft · Microsoft Threat Intelligence
New Russia-affiliated actor Void Blizzard targets critical sectors for espionage
Void Blizzard