Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025
Source: TheRegister
April 28th, 2025 (about 1 month ago)
Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers
Description: Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year. "The attack involves the use of AzureChecker.exe, a Command Line Interface (CLI) tool that is being used by a wide range of threat actors," the Microsoft Threat Intelligence team said in an analysis. The tech giant noted that
Source: TheHackerNews
April 27th, 2025 (about 1 month ago)
Microsoft ".library-ms" File / NTLM Information Disclosure (Resurrected 2025)
Description: Posted by hyp3rlinx on Apr 26[-] Microsoft ".library-ms" File / NTLM Information Disclosure Spoofing (Resurrected 2025) / CVE-2025-24054 [+] John Page (aka hyp3rlinx) [+] x.com/hyp3rlinx [+] ISR: ApparitionSec Back in 2018, I reported a ".library-ms" File NTLM information disclosure vulnerability to MSRC and was told "it was not severe enough", that being said I post it anyways. Seven years passed, until other researchers re-reported it....

CVSS: MEDIUM (6.5)

Source: Full Disclosure Mailinglist
April 27th, 2025 (about 1 month ago)
Windows 11's Recall AI is now rolling out on Copilot+ PCs
Description: Microsoft has confirmed that Windows Recall is rolling out to everyone with Windows 11 KB5055627 on Copilot+ PCs. [...]
Source: BleepingComputer
April 25th, 2025 (about 1 month ago)
Windows 11 KB5055627 update released with 30 new changes, fixes
Description: ​​Microsoft has released the KB5055627 preview cumulative update for Windows 11 24H2 with many new features gradually rolling out, and some new bug fixes for everyone. [...]
Source: BleepingComputer
April 25th, 2025 (about 1 month ago)
Oh, cool. Microsoft melts bug that froze Server 2025 Remote Desktop sessions
Source: TheRegister
April 25th, 2025 (about 1 month ago)
Microsoft announces fix for CPU spikes when typing in Outlook
Description: Microsoft says it will soon fix a known issue causing CPU spikes when typing messages in recent versions of its classic Outlook email client. [...]
Source: BleepingComputer
April 25th, 2025 (about 1 month ago)
'SessionShark' ToolKit Evades Microsoft Office 365 MFA
Description: The creators of the toolkit are advertising it as an educational and ethical resource, but what it promises to provide users if purchased indicates it's anything but.
Source: Dark Reading
April 24th, 2025 (about 1 month ago)
Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts
Description: Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. [...]
Source: BleepingComputer
April 24th, 2025 (about 1 month ago)
Microsoft fixes machine learning bug flagging Adobe emails as spam
Description: Microsoft says it mitigated a known issue in one of its machine learning (ML) models that mistakenly flagged Adobe emails in Exchange Online as spam. [...]
Source: BleepingComputer
April 24th, 2025 (about 1 month ago)