Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support
Description: A year after Microsoft announced passkeys support for consumer accounts, the tech giant has announced a big change that pushes individuals signing up for new accounts to use the phishing-resistant authentication method by default. "Brand new Microsoft accounts will now be 'passwordless by default,'" Microsoft's Joy Chik and Vasu Jakkal said. "New users will have several passwordless options for
Source: TheHackerNews
May 2nd, 2025 (about 1 month ago)
Getting Outlook.com Ready for Bulk Email Compliance
Description: Microsoft has set May 5 as the deadline for bulk email compliance. In this Tech Tip, we show how organizations can still make the deadline.
Source: Dark Reading
May 1st, 2025 (about 1 month ago)
[local] Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
Description: Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
Source: ExploitDB
May 1st, 2025 (about 1 month ago)
Microsoft Windows .XRM-MS File / NTLM Information Disclosure Spoofing
Description: Posted by hyp3rlinx on May 01[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/Microsoft_Windows_xrm-ms_File_NTLM-Hash_Disclosure.txt [+] x.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] .xrm-ms File Type [Vulnerability Type] NTLM Hash Disclosure (Spoofing) [Video URL PoC] https://www.youtube.com/watch?v=d5U_krLQbNY [CVE Reference] N/A [Security Issue] The...
Source: Full Disclosure Mailinglist
May 1st, 2025 (about 1 month ago)
Microsoft: Windows 11 24H2 updates fail with 0x80240069 errors
Description: Microsoft has confirmed that Windows 11 24H2 feature updates via Windows Server Update Services (WSUS) are being blocked after installing the April 2025 security updates. [...]
Source: BleepingComputer
April 30th, 2025 (about 1 month ago)
Microsoft: Windows Server hotpatching to require subscription
Description: Microsoft has announced that it will soon introduce paid subscriptions for Windows Server 2025 hotpatching, a service that enables admins to install security updates without restarting. [...]
Source: BleepingComputer
April 29th, 2025 (about 1 month ago)
Microsoft fixes Outlook paste, blank calendar rendering issues
Description: Microsoft has confirmed several issues affecting Microsoft 365 customers using the "paste special' option and the calendar feature in the classic Outlook email client. [...]
Source: BleepingComputer
April 29th, 2025 (about 1 month ago)
Microsoft fixes Outlook on the web search issues, failures
Description: Microsoft is working on fully mitigating issues causing Outlook on the web and SharePoint Online users to experience delays or failures when searching. [...]
Source: BleepingComputer
April 28th, 2025 (about 1 month ago)
Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025
Source: TheRegister
April 28th, 2025 (about 1 month ago)
Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers
Description: Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year. "The attack involves the use of AzureChecker.exe, a Command Line Interface (CLI) tool that is being used by a wide range of threat actors," the Microsoft Threat Intelligence team said in an analysis. The tech giant noted that
Source: TheHackerNews
April 27th, 2025 (about 1 month ago)