Windows

Refine Results

Filtered by

Clear All

Windows

Refine results

Sort By

Content Type

Topic

Products and services

Publish date

Start Date

End Date

April 1

16 min read

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages for version updates to download from command and control (C2) that Microsoft Threat Intelligence has attributed to the North Korean state actor Sapphire Sleet.
March 31

10 min read

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain.
June 27, 2025

12 min read

Unveiling RIFT: Enhancing Rust malware analysis through pattern matching

As threat actors are adopting Rust for malware development, RIFT, an open-source tool, helps reverse engineers analyze Rust malware, solving challenges in the security industry.
April 16, 2025

12 min read

Cyber Signals Issue 9 | AI-powered deception: Emerging fraud threats and countermeasures

Microsoft maintains a continuous effort to protect its platforms and customers from fraud and abuse.
Retain Microsoft Security Experts

Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.

Get started
April 15, 2025

10 min read

Threat actors misuse Node.js to deliver malware and other malicious payloads

Since October 2024, Microsoft Defender Experts has observed and helped multiple customers address campaigns leveraging Node.
March 31, 2025

13 min read

Analyzing open-source bootloaders: Finding vulnerabilities faster with AI

Using Microsoft Security Copilot to expedite the discovery process, Microsoft has uncovered several vulnerabilities in multiple open-source bootloaders impacting all operating systems relying on Unified Extensible Firmware Interface (UEFI) Secure Boot.
March 6, 2025

32 min read

Malvertising campaign leads to info stealers hosted on GitHub

Microsoft detected a large-scale malvertising campaign in early December 2024 that impacted nearly one million devices globally.
October 11, 2024

6 min read

Microsoft’s guidance to help mitigate Kerberoasting

Kerberoasting, a well-known Active Directory (AD) attack vector, enables threat actors to steal credentials and navigate through devices and networks.
Modernize your Security Operations Center with Microsoft Sentinel

Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.

Learn more
August 8, 2024

15 min read

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE

Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation.
May 20, 2024

10 min read

New Windows 11 features strengthen security to address evolving cyberthreat landscape

Today, ahead of the Microsoft Build 2024 conference, we announced a new class of Windows computers, Copilot+ PC.
April 23, 2024

4 min read

New Microsoft Incident Response guide helps simplify cyberthreat investigations

Discover how to fortify your organization’s cybersecurity defense with this practical guide on digital forensics from Microsoft’s Incident Response team.
April 22, 2024

10 min read

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

Since 2019, Forest Blizzard has used a custom post-compromise tool to exploit a vulnerability in the Windows Print Spooler service that allows elevated permissions.

Windows

Filtered by

Refine results

Retain Microsoft Security Experts

Modernize your Security Operations Center with Microsoft Sentinel

Get started with Microsoft Security