Signed malware impersonating workplace apps deploys RMM backdoors
Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise environments.
Microsoft Security Experts
Our expertise is now your expertise. Learn how to extend your ability to defend and manage with a new line of services from the experts at Microsoft.
Refine results
Topic
Products and services
Publish date
-
-
Developer-targeting campaign using malicious Next.js repositories
A developer-targeting campaign leveraged malicious Next. -
Scaling security operations with Microsoft Defender autonomous defense and expert-led services
AI-powered cyberattacks outpace aging SOC tools, and this new guide explains why manual defense fails and how autonomous, expert-led security transforms modern protection. -
Your complete guide to Microsoft experiences at RSAC™ 2026 Conference
Microsoft Security returns to RSAC Conference to show how Frontier Firms—organizations that are human-led and agent-operated—can stay ahead. Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
-
New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan
CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger. -
Infostealers without borders: macOS, Python stealers, and platform abuse
How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads. -
Explore the latest Microsoft Incident Response proactive services for enhanced resilience
The new proactive services from Microsoft Incident Response turn security uncertainty into readiness with expert‑led preparation and advanced intelligence. -
Introducing the Microsoft Defender Experts Suite: Elevate your security with expert-led services
Announcing Microsoft Defender Experts Suite, a integrated set of expert-led services that helps security teams keep pace with modern cyberattacks. Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
-
Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components
CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server Components and related frameworks. -
Imposter for hire: How fake people can gain very real access
Fake employees are an emerging cybersecurity threat. -
Shai-Hulud 2.0: Guidance for detecting, investigating, and defending against the supply chain attack
The Shai‑Hulud 2.0 supply chain attack represents one of the most significant cloud-native ecosystem compromises observed recently. -
Inside Microsoft Threat Intelligence: Calm in the chaos
Incident response is never orderly. Threat actors don’t wait.
