Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Microsoft Rolls Out Fresh Outlook Fix After Faulty Windows Update
Description: Windows 11 users can deploy a workaround or await the update rollout.
Source: Dark Reading
February 27th, 2025 (about 2 months ago)
Microsoft names cybercriminals behind AI deepfake network
Description: Microsoft has named multiple threat actors part of a cybercrime gang accused of developing malicious tools capable of bypassing generative AI guardrails to generate celebrity deepfakes and other illicit content. [...]
Source: BleepingComputer
February 27th, 2025 (about 2 months ago)
Microsoft fixes Outlook drag-and-drop broken by Windows updates
Description: ​Microsoft has fixed a known issue that broke email and calendar drag-and-drop in classic Outlook after installing recent updates on Windows 24H2 systems. [...]
Source: BleepingComputer
February 27th, 2025 (about 2 months ago)
VSCode extensions with 9 million installs pulled over security risks
Description: Microsoft has removed two popular VSCode extensions, 'Material Theme - Free' and  'Material Theme Icons - Free,' from the Visual Studio Marketplace for allegedly containing malicious code. [...]
Source: BleepingComputer
February 26th, 2025 (about 2 months ago)
Windows 11 KB5052093 update released with 33 changes and fixes
Description: Microsoft has released the February 2025 preview cumulative update for Windows 11 24H2, with 33 improvements and fixes for multiple issues, including SSH and File Explorer bugs and the volume jumping to 100% when waking the PC from sleep. [...]
Source: BleepingComputer
February 26th, 2025 (about 2 months ago)
Windows 11 24H2 upgrades now blocked for some AutoCAD users
Description: Microsoft has introduced a new Windows 11 24H2 upgrade block for systems with AutoCAD 2022, addressing compatibility issues that prevent the program from launching. [...]
Source: BleepingComputer
February 26th, 2025 (about 2 months ago)
Microsoft 365 Accounts Get Sprayed by Mega-Botnet
Description: The threat actors are exploiting non-interactive sign-ins, an authentication feature that security teams don't typically monitor.
Source: Dark Reading
February 25th, 2025 (about 2 months ago)
Microsoft fixes Entra ID authentication issue caused by DNS change
Description: Microsoft has fixed an issue that caused Entra ID DNS authentication failures when using the company's Seamless SSO and Microsoft Entra Connect Sync. [...]
Source: BleepingComputer
February 25th, 2025 (about 2 months ago)
Windows 10 KB5052077 update fixes broken SSH connections
Description: ​​Microsoft has released the optional KB5052077 preview cumulative update for Windows 10 22H2 with nine bug fixes and changes, including a fix for a longstanding known issue that breaks SSH connections. [...]
Source: BleepingComputer
February 25th, 2025 (about 2 months ago)
Belarus-Linked Ghostwriter Uses Macropack-Obfuscated Excel Macros to Deploy Malware
Description: Opposition activists in Belarus as well as Ukrainian military and government organizations are the target of a new campaign that employs malware-laced Microsoft Excel documents as lures to deliver a new variant of PicassoLoader.  The threat cluster has been assessed to be an extension of a long-running campaign mounted by a Belarus-aligned threat actor dubbed Ghostwriter (aka Moonscape,
Source: TheHackerNews
February 25th, 2025 (about 2 months ago)