Microsoft partners with Global Anti-Scam Alliance to fight cybercrime
In 2024 alone, scammers drained the global economy of more than $1.03 trillion. Together, Microsoft and the other members of GASA hope to stem these losses going forward.
Microsoft Security Blog
Your source for the latest in cybersecurity
Marbled Dust leverages zero-day in Output Messenger for regional espionage
Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output Messenger, a multiplatform chat software.
Microsoft unveils Microsoft Security Copilot agents and new protections for AI
Learn about the upcoming availability of Microsoft Security Copilot agents and other new offerings for a more secure AI future.
Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for cyber-physical systems protection platforms
We are excited to announce that Gartner has named Microsoft a Leader in the 2024 Gartner® Magic Quadrant™ for Cyber Physical Systems Protection Platforms.
Threat intelligence
-
Marbled Dust leverages zero-day in Output Messenger for regional espionage
Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output Messenger, a multiplatform chat software. -
Analyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape
Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. -
Understanding the threat landscape for Kubernetes and containerized assets
The dynamic nature of containers can make it challenging for security teams to detect runtime anomalies or pinpoint the source of a security incident, presenting an opportunity for attackers to stay undetected. -
Threat actors misuse Node.js to deliver malware and other malicious payloads
Since October 2024, Microsoft Defender Experts has observed and helped multiple customers address campaigns leveraging Node. -
Stopping attacks against on-premises Exchange Server and SharePoint Server with AMSI
Exchange Server and SharePoint Server are business-critical assets and considered crown-jewels for many organizations, making them attractive targets for attacks. -
Exploitation of CLFS zero-day leads to ransomware activity
Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) have discovered post-compromise exploitation of a newly discovered zero-day vulnerability in the Windows Common Log File System (CLFS) against a small number of targets.
Get help from Microsoft Security Experts
Our expertise is now your expertise. Better protect your organization with managed security services from the experts at Microsoft.
AI and machine learning
-
14 secure coding tips: Learn from the experts at Microsoft Build
At Microsoft Build 2025, we’re bringing together security engineers, researchers, and developers to share practical tips and modern best practices to help you ship secure code faster. -
New whitepaper outlines the taxonomy of failure modes in AI agents
Read the new whitepaper from the Microsoft AI Red Team to better understand the taxonomy of failure mode in agentic AI. -
Securing our future: April 2025 progress report on Microsoft’s Secure Future Initiative
The Microsoft Secure Future Initiative (SFI) stands as the largest cybersecurity engineering project in history and most extensive effort of its kind at Microsoft. -
Cyber Signals Issue 9 | AI-powered deception: Emerging fraud threats and countermeasures
Microsoft maintains a continuous effort to protect its platforms and customers from fraud and abuse. -
Explore how to secure AI by attending our Learn Live Series
Register to attend one or all our Learn Live sessions to learn how to secure your environment for AI adoption. -
Transforming public sector security operations in the AI era
Read how Microsoft’s unified security operations platform can use generative AI to transform cybersecurity for the public sector.
Modernize your security operations center
Confidently secure your multicloud, multiplatform environment with Microsoft Sentinel – a cloud-native security information and event management (SIEM) solution.
Latest posts
-
Marbled Dust leverages zero-day in Output Messenger for regional espionage
Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output Messenger, a multiplatform chat software. -
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 2
Meet the minds behind how Microsoft prioritizes cybersecurity across every team and employee. -
Microsoft partners with Global Anti-Scam Alliance to fight cybercrime
In 2024 alone, scammers drained the global economy of more than $1.03 trillion. Together, Microsoft and the other members of GASA hope to stem these losses going forward. -
Analyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape
Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. -
Pushing passkeys forward: Microsoft’s latest updates for simpler, safer sign-ins
Celebrate World Passkey Day with Microsoft! Join us in embracing passkeys for secure, passwordless sign-ins. -
Microsoft announces the 2025 Security Excellence Awards winners
Congratulations to the winners of the Microsoft Security Excellence Awards that recognize the innovative defenders who have gone above and beyond.