In this next part of the “Hunting Infostealers” series, we’ll cover Python information stealers. The proliferation of Python stealers over the past year has become an escalating concern in the cybers...

The “Hunting Infostealers” blog series covers the ever-evolving threat of infostealers. Infostealers have gone from simple credential theft to subscription-based threats (i.e., Malware-as-a-Service) ...

Attackers compromised the upstream distribution mechanism for EmEditor, a widely used Windows text editor. Instead of delivering malware through phishing or malicious domains, the attackers manipulat...

Co-authors: Dan Weinstock and Christoph Dreymann Azure Virtual Desktop (AVD) has rapidly become a core tool for enabling remote work at scale. Consequently, it’s also emerging as a target for threa...

By: Mukta Agarwal and  Parth Jamodkar Threat actors are increasingly infiltrating organizations by securing legitimate jobs, often through falsified credentials or insider recruitment. Recently, ...

Co-author: Samantha Gardener To stay ahead of today’s sophisticated cyber threats, organizations must embrace a proactive defense strategy that includes these three pillars: emerging trends, adapti...

When threat actors infiltrate a company to steal documents and other critical business information, Microsoft Incident Response - the Detection and Response Team (DART) responds. With more than 4,500...

Co-authors: Sylvie Liu, Principal Product Manager Rajiv Bharadwaja, Principal Software Engineering Manager Abhishek Kumar, Principal Group Manager - Security Research & Operations Security ...

Many people aren’t aware that Microsoft security isn't just about Microsoft, it’s also about the platforms supporting the products we build. This means our reach extends across all operating systems:...

As organizations embed AI across their business, the same technology that drives productivity also introduces a new class of risk: prompts that can be manipulated, data that can be leaked, and AI sys...