Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
EncryptHub linked to zero-day attacks targeting Windows systems
Description: A threat actor known as EncryptHub has been linked to Windows zero-day attacks exploiting a Microsoft Management Console vulnerability patched this month. [...]
Source: BleepingComputer
March 25th, 2025 (3 months ago)
New Android malware uses Microsoft’s .NET MAUI to evade detection
Description: New Android malware campaigns use Microsoft's cross-platform framework .NET MAUI while disguising as legitimate services to evade detection. [...]
Source: BleepingComputer
March 25th, 2025 (3 months ago)
Microsoft Gives Security Copilot Some Autonomy
Description: New agentic AI capabilities in Microsoft Security Copilot will allow agents to triage threats and provide recommendations.
Source: Dark Reading
March 25th, 2025 (3 months ago)
AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface
Description: Organizations now use an average of 112 SaaS applications—a number that keeps growing. In a 2024 study, 49% of 644 respondents who frequently used Microsoft 365 believed that they had less than 10 apps connected to the platform, despite the fact that aggregated data indicated over 1,000+ Microsoft 365 SaaS-to-SaaS connections on average per deployment. And that’s just one major SaaS provider.
Source: TheHackerNews
March 25th, 2025 (3 months ago)
Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps
Description: Cybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft's .NET Multi-platform App UI (.NET MAUI) framework to create bogus banking and social media apps targeting Indian and Chinese-speaking users. "These threats disguise themselves as legitimate apps, targeting users to steal sensitive information," McAfee Labs researcher Dexter Shin said. .NET
Source: TheHackerNews
March 25th, 2025 (3 months ago)
Microsoft Adds Inline Data Protection to Edge for Business to Block GenAI Data Leaks
Description: Microsoft on Monday announced a new feature called inline data protection for its enterprise-focused Edge for Business web browser. The native data security control is designed to prevent employees from sharing sensitive company-related data into consumer generative artificial intelligence (GenAI) apps like OpenAI ChatGPT, Google Gemini, and DeepSeek. The list will be expanded over time to
Source: TheHackerNews
March 24th, 2025 (3 months ago)
Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks
Description: Acronis Threat Research found 2M+ malicious URLs & 5,000+ malware instances in Microsoft 365 backup data—demonstrating how built-in security isn't always enough. Don't let threats persist in your cloud data. Strengthen your defenses. [...]
Source: BleepingComputer
March 24th, 2025 (3 months ago)
AI agents swarm Microsoft Security Copilot
Source: TheRegister
March 24th, 2025 (3 months ago)
Microsoft tastes the unexpected consequences of tariffs on time
Source: TheRegister
March 24th, 2025 (3 months ago)

CVE-2025-29806
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Description: No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVSS: MEDIUM (6.5)

EPSS Score: 0.15%

Source: CVE
March 23rd, 2025 (3 months ago)