Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

Microsoft links Medusa ransomware affiliate to zero-day attacks

Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware ...
The Hacker News

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Cookie-gated PHP web shells enable persistent Linux RCE via cron-based re-creation, reducing detection in routine traffic ...