New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan
CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.
Microsoft Security Experts
Elevate your security with expert-led services. Learn how to defend against threats, build cyber resilience, and modernize security operations from the experts at Microsoft.
Refine results
Topic
Products and services
Publish date
Tailored AI insights from Microsoft Security Copilot
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI.
-
-
Infostealers without borders: macOS, Python stealers, and platform abuse
How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads. -
Explore the latest Microsoft Incident Response proactive services for enhanced resilience
The new proactive services from Microsoft Incident Response turn security uncertainty into readiness with expert‑led preparation and advanced intelligence. -
Introducing the Microsoft Defender Experts Suite: Elevate your security with expert-led services
Announcing Microsoft Defender Experts Suite, a integrated set of expert-led services that helps security teams keep pace with modern cyberattacks. Go beyond data protection with Microsoft Purview
Govern, protect, and manage all of your data with Microsoft Purview, comprehensive solutions to help give you better visibility and control.
-
Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components
CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server Components and related frameworks. -
Imposter for hire: How fake people can gain very real access
Fake employees are an emerging cybersecurity threat. -
Shai-Hulud 2.0: Guidance for detecting, investigating, and defending against the supply chain attack
The Shai‑Hulud 2.0 supply chain attack represents one of the most significant cloud-native ecosystem compromises observed recently. -
Inside Microsoft Threat Intelligence: Calm in the chaos
Incident response is never orderly. Threat actors don’t wait. Streamline privacy management with Microsoft Priva
Protect and govern personal information, reduce privacy risks, and manage subject rights requests at scale with Microsoft Priva privacy risk management solutions.
-
Think before you Click(Fix): Analyzing the ClickFix social engineering technique
The ClickFix social engineering technique has been growing in popularity, with campaigns targeting thousands of enterprise and end-user devices daily. -
Elevate your protection with expanded Microsoft Defender Experts coverage
Defender Experts now offers 24/7, expert-driven protection for cloud workloads, beginning with hybrid and multicloud servers in Microsoft Defender for Cloud. -
Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
We are honored to be recognized once again as a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms—our sixth consecutive time. -
Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer
Over the past year, Microsoft Threat Intelligence observed the persistent growth and operational sophistication of Lumma Stealer, an info-stealing malware used by multiple financially motivated threat actors to target various industries.
