Researchers found attackers using fake CAPTCHA pages. Users should never run PowerShell or Windows commands requested by ...

Gamaredon hacking group escalated its decade-long espionage campaign against Ukraine in 2025, exploiting a weaponized WinRAR ...

Microsoft says hotel phishing emails are using Calendly links and photo ZIP files to drop the TonRAT Node.js implant on front ...

Microsoft links the recent Mastra AI npm supply chain attack to , a North Korean group known for cryptocurrency theft ...

In addition to executing entirely in memory, the malware's infection chain incorporates other anti-analysis techniques ...

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...

Microsoft is embracing Linux-like command line utilities and integrating its Linux subsystem even further into Windows.

Throughout 2025, the Russia-aligned Gamaredon threat group exclusively targeted governmental and military institutions in Ukraine. Gamaredon operators developed and deployed six new malicious ...

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

CI/CD pipelines are optimized for code deployments. Long-running operational processes and self-service workflows can be ...

Microsoft’s Build 2026 Windows updates add developer setup tools, local AI models, Linux workflows, and agent security controls.

Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff. This attribution ...