microsoft
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity attacks. This cybercrime gang quickly shifts to targeting new security vulnerabilities to gain access to its victims’ networks, weaponizing some of them within a day and, in some cases, exploiting […]
LinkedIn secretly scans for 6,000+ Chrome extensions, collects data
A new report dubbed “BrowserGate” warns that Microsoft’s LinkedIn is using hidden JavaScript scripts on its website to scan visitors’ browsers for installed extensions and collect device data. According to a report by Fairlinked e.V., which claims to be an association of commercial LinkedIn users, Microsoft’s platform injects JavaScript into user sessions that checks for thousands of […]
Microsoft still working to fix Exchange Online mailbox access issues
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks. When it first acknowledged this service issue (tracked under EX1256020) last week, Microsoft said the root cause was a newly introduced virtual account. While the company flagged it as resolved on April 1, […]
Microsoft now force upgrades unmanaged Windows 11 24H2 PCs
Starting this week, Microsoft has begun force-upgrading unmanaged devices running Windows 11 24H2 Home and Pro editions to Windows 11 25H2. According to the company’s Lifecycle Policy site, Windows 11 24H2 will reach end of support in roughly six months, on October 13, 2026. Also known as the Windows 11 2025 Update, Windows 11 25H2 began rolling […]
New EvilTokens service fuels Microsoft device code phishing attacks
A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft accounts and provide advanced features for business email compromise attacks. The kit is sold to cybercriminals over Telegram and is under continuous development, its author stating that they plan to extend support for Gmail and Okta phishing pages. Device […]
New Windows 11 emergency update fixes preview update install issues
Microsoft released an out-of-band update to fix the March 2026 non-security preview update, which was pulled over the weekend due to installation issues. The optional cumulative update (KB5079391) was released on Thursday for Windows 11 24H2 and 25H2 systems, with 29 changes, including Smart App Control and Display improvements. However, right after it started rolling out, users […]
Microsoft fixes bug causing Classic Outlook sync issues with Gmail
Microsoft has fixed a known issue causing Gmail and Yahoo email synchronization problems for classic Outlook users. As the company explained earlier this month, the bug triggers 0x800CCC0F and 0x80070057 error codes when synchronizing Gmail and Yahoo accounts. Microsoft said that this type of email account stopped syncing as of February 26, 2026, and that, in […]
Microsoft Exchange Online service change causes email access issues
Microsoft is working to address an ongoing service issue that has intermittently prevented some users from accessing their cloud-based Exchange Online mailboxes via Outlook mobile and Mac desktop clients since Thursday. After investigating the incident (tracked under EX1256020), Microsoft found that the root cause was a newly introduced virtual account. On Saturday, began working to revert […]
New KB5085516 emergency update fixes Microsoft account sign-in
Microsoft has released an emergency update to address a major issue that breaks sign-ins with Microsoft accounts across multiple Microsoft apps, including Teams and OneDrive. This issue appears after installing the KB5079473 cumulative update that Microsoft released as part of this month’s Patch Tuesday, and it warns users that the affected devices are not connected to the […]
Microsoft Azure Monitor alerts abused for callback phishing attacks
Microsoft Azure Monitor alerts are being abused to send callback phishing emails that impersonate warnings from the Microsoft Security Team about unauthorized charges on your account. Azure Monitor is Microsoft’s cloud-based monitoring service that collects and analyzes data from Azure resources, applications, and infrastructure. It enables users to track performance, notify about billing changes, detect […]