Microsoft says Azure was hit with a massive DDoS attack launched from over 500,000 IP addresses

Microsoft has said it successfully mitigated, “the largest DDoS attack ever observed in the cloud” after cybercriminals running the Aisuru botnet targeted a single endpoint, located in Australia. The attack was a sight to behold: more than 500,000 source IPs, Read More …

US Air Force admits SharePoint privacy issue as reports trickle out of possible breach

The US Air Force is reportedly investigating a potential data breach caused by a Microsoft SharePoint issue. A report from The Register revealed the Air Force Personnel Center Directorate of Technology and Information issued a data breach notification shared on Read More …

Microsoft SharePoint Zero-Day Exploitation: What Public Sector Leaders Should Know

The Rapid7 September 2025 Threat Report highlights active exploitation of a critical Microsoft SharePoint vulnerability, CVE-2025-53770. This zero-day is being used by threat actors to gain initial access to victim networks, with exploitation observed in government as well as multiple Read More …

Microsoft terminates services for Israeli military after investigation into mass surveillance of Palestinians

Microsoft has terminated a set of services for the Israeli military after an investigation suggested Israel was using the company’s cloud computing technology for mass surveillance of Palestinians. In a statement posted the company’s blog, Microsoft President Brad Smith said Read More …

Serious Microsoft Entra flaw could have let hackers infiltrate any user – patch now

Security researchers have found a critical vulnerability in Microsoft Entra ID which could have allowed threat actors to gain Global Administrator access to virtually anyone’s tenant – without being detected in any way. The vulnerability consists of two things – Read More …

Disrupted phishing service was after Microsoft 365 credentials

Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation, known as RaccoonO365. The primary goal of RaccoonO365 (or Storm-2246 as Microsoft calls it) was to rent out a phishing toolkit that specialized in stealing Microsoft 365 credentials. They were successful in Read More …

Patch Tuesday – September 2025

Microsoft is addressing 176 vulnerabilities today, which seems like a lot, and it is. Curiously, Microsoft’s own Security Update Guide (SUG) for September 2025 Patch Tuesday only lists 86 vulns, and that’s because the SUG doesn’t include a large number Read More …

Warlock: From SharePoint Vulnerability Exploit to Enterprise Ransomware

Organizations continue to grapple with increasingly complex cyberthreats, as ransomware groups rapidly evolve their tactics. In a recent attack wave, the Warlock ransomware group exploited internet-exposed, unpatched on-premise Microsoft SharePoint servers, abusing newly discovered vulnerabilities to gain initial access to Read More …

Deep dive into CVE‑2025‑29824 in Windows

On April 8, 2025, Microsoft patched 121 vulnerabilities across its products, including CVE-2025-29824—the only one known to be exploited in the wild. This particular flaw enabled adversaries to escalate Windows privileges by leveraging a bug in the clfs.sys driver. Microsoft Read More …

Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824

In April 2025, Microsoft patched 121 vulnerabilities in its products. According to the company, only one of them was being used in real-world attacks at the time the patch was released: CVE-2025-29824. The exploit for this vulnerability was executed by Read More …