OAuth redirection abuse enables phishing and malware delivery
OAuth redirection is being repurposed as a phishing delivery path.
Microsoft Defender
Microsoft Defender helps prevent, detect, and respond to attacks across devices, identities, apps, email, data, workloads, and clouds. Explore threat intelligence, capabilities, and real-world guidance to help you get more out of Defender.
Refine results
Topic
Products and services
Publish date
-
-
Threat modeling AI applications
AI threat modeling helps teams identify misuse, emergent risk, and failure modes in probabilistic and agentic AI systems. -
Developer-targeting campaign using malicious Next.js repositories
A developer-targeting campaign leveraged malicious Next. -
Scaling security operations with Microsoft Defender autonomous defense and expert-led services
AI-powered cyberattacks outpace aging SOC tools, and this new guide explains why manual defense fails and how autonomous, expert-led security transforms modern protection. Prevent threats with Microsoft Defender
The Microsoft Defender family offers comprehensive threat prevention, detection, and response capabilities for everyone—from individuals looking to protect their family to the world’s largest enterprises.
-
Running OpenClaw safely: identity, isolation, and runtime risk
Self-hosted agents execute code with durable credentials and process untrusted input. -
Detecting and mitigating common agent misconfigurations
Agents are increasingly powerful. With that power comes risk: small misconfigurations, over‑broad sharing, unauthenticated access, and weak orchestration controls can create real exposure. -
Manipulating AI memory for profit: The rise of AI Recommendation Poisoning
That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends. -
Analysis of active exploitation of SolarWinds Web Help Desk
We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain compromise; here is how to patch, hunt, and mitigate now. Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
-
New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan
CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger. -
Infostealers without borders: macOS, Python stealers, and platform abuse
How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads. -
Turning threat reports into detection insights with AI
Security teams often spend days manually turning long incident reports and threat writeups into actionable detections by extracting TTPs. -
New Microsoft Data Security Index report explores secure AI adoption to protect sensitive data
The 2026 Microsoft Data Security Index explores one of the most pressing questions facing organizations today: How can we harness the power of generative while safeguarding sensitive data?
