Click here to download all references as Bib-File.•
| 2026-04-07
⋅
Microsoft
⋅
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks |
| 2026-03-11
⋅
Microsoft
⋅
Contagious Interview: Malware delivered through fake developer job interviews BeaverTail OtterCookie StoatWaffle InvisibleFerret PylangGhost GolangGhost Contagious Interview |
| 2026-03-06
⋅
Microsoft
⋅
AI as tradecraft: How threat actors operationalize AI OtterCookie |
| 2026-03-03
⋅
Microsoft
⋅
Signed malware impersonating workplace apps deploys RMM backdoors TrustConnect RAT |
| 2026-03-02
⋅
Microsoft
⋅
OAuth redirection abuse enables phishing and malware delivery |
| 2026-02-24
⋅
Microsoft
⋅
Developer-targeting campaign using malicious Next.js repositories StoatWaffle |
| 2026-01-20
⋅
Jamf
⋅
Threat Actors Expand Abuse of Microsoft Visual Studio Code StoatWaffle |
| 2026-01-14
⋅
Microsoft
⋅
Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations |
| 2025-12-01
⋅
LinkedIn (Microsoft)
⋅
Post about Phishing Campaign pushing XWorm XWorm TA584 |
| 2025-11-28
⋅
OpenSourceMalware
⋅
"Contagious Interview" campaign abuses Microsoft VSCode tasks to drop malware and gain persistence BeaverTail InvisibleFerret |
| 2025-10-09
⋅
Microsoft
⋅
Investigating targeted “payroll pirate” attacks affecting US universities Storm-2657 |
| 2025-10-06
⋅
Microsoft
⋅
Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability Medusa Storm-1175 |
| 2025-09-05
⋅
Kroll
⋅
FANCY BEAR GONEPOSTAL – Espionage Tool Provides Backdoor Access to Microsoft Outlook GONEPOSTAL |
| 2025-07-31
⋅
Microsoft
⋅
Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats ApolloShadow |
| 2025-07-22
⋅
Microsoft
⋅
Disrupting active exploitation of on-premises SharePoint vulnerabilities Storm-2603 |
| 2025-07-08
⋅
Koi Security
⋅
Google and Microsoft Trusted Them. 2.3 Million Users Installed Them. They Were Malware. |
| 2025-07-04
⋅
The Hacker News
⋅
NightEagle APT Exploits Microsoft Exchange Flaw to Target China's Military and Tech Sectors NightEagle |
| 2025-06-30
⋅
Microsoft
⋅
Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations |
| 2025-05-29
⋅
Microsoft
⋅
Defending against evolving identity attack techniques APT35 |
| 2025-05-27
⋅
Microsoft
⋅
New Russia-affiliated actor Void Blizzard targets critical sectors for espionage Void Blizzard |