More results...
Threat actors are leveraging Microsoft 365’s Direct Send feature to launch sophisticated phishing campaigns that mimic internal organizational emails, eroding trust and heightening the success rate of social engineering exploits. This feature, de…
Valid, complete reports detailing remote code execution or elevation of privilege bugs in .NET qualify for the maximum rewards.
The post Microsoft Boosts .NET Bounty Program Rewards to $40,000 appeared first on SecurityWeek.
Microsoft has announced a significant new feature for IT administrators that will enhance network monitoring capabilities within Microsoft Teams. Starting September 2025, administrators will gain access to silent, 60-second test call functionality desi…
Threat actors are leveraging sophisticated phishing campaigns by creating fake Microsoft OAuth applications to impersonate legitimate enterprises, enabling credential theft while bypassing multifactor authentication (MFA). Proofpoint researchers have t…
Microsoft announced a significant security enhancement for Excel users, revealing plans to block external workbook links to unsafe file types by default starting in October 2025. This major change aims to strengthen workbook security by preventing pote…
Microsoft has announced significant enhancements to its .NET Bounty Program, introducing expanded coverage, streamlined award structures, and substantially increased financial incentives for security researchers. The updated program now offers maximum …
A significant cybersecurity crisis has emerged with the discovery of over 17,000 Microsoft SharePoint servers exposed to internet-based attacks, including 840 systems vulnerable to a critical zero-day vulnerability that Chinese threat actors are active…
A sophisticated zero-day exploit campaign targeting unpatched vulnerabilities in Microsoft SharePoint Server has compromised approximately 400 organizations worldwide, with potential for a far higher victim count due to underreporting and delayed detec…
Microsoft has unveiled new guidance addressing one of the most pressing security challenges facing enterprise AI deployments: indirect prompt injection attacks. This emerging threat vector has become the top entry in the OWASP Top 10 for LLM Applicatio…
Microsoft Teams is rolling out a new meeting join banner designed to streamline the meeting experience for users who have committed to attending scheduled sessions. The feature, which launched in mid-July 2025, represents the company’s continued …