Microsoft

Beyond the benchmark: Advancing security at AI speed

Read how Microsoft Security has advanced its agentic vulnerability detection system, codename MDASH, integrating into ...
MSN on MSN

Microsoft built its own coding AI to lean less on OpenAI

Microsoft used its Build 2026 keynote to ship a coding AI model built entirely in-house, a direct move to reduce its ...
TechRepublic

FBI Warns: ‘Kali365’ Phishing Service Targets Microsoft 365 Accounts

The FBI warned that Kali365 can hijack Microsoft 365 accounts by abusing device code authentication and capturing OAuth tokens. A new phishing service is turning a legitimate Microsoft login process ...
Cyber Wire

Attackers found a new way around MFA.

The FBI warns attackers are abusing Microsoft OAuth authentication. India pushes faster patching as AI speeds up cyberattacks. Iranian hackers blend phishing with SEO poisoning. Anthropic’s AI finds ...
The Hacker News

MFA Prompt Bombing: Why Your Second Factor Isn't Saving You

Multi-factor authentication (MFA) was supposed to close a critical gap in identity security. It meant that, even if an attacker possessed the account credentials, they couldn't log in without the ...
techtimes

Microsoft 365 Phishing Kit Kali365 Bypasses MFA: FBI Warns Hundreds of Organizations Targeted

A criminal subscription service called Kali365 is hijacking Microsoft 365 accounts at organizations across multiple sectors without ever touching a user's password — and it defeats multi-factor ...
Windows Report

FBI Warns Kali365 Can Bypass Microsoft 365 MFA Using OAuth Tokens

The FBI is warning organizations about Kali365, a phishing-as-a-service platform that hijacks Microsoft 365 accounts by abusing OAuth device code authentication, as Bleeping Computer writes. The ...
Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...
The Hacker News

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft ...
TechCrunch

GitHub says hackers stole data from thousands of internal repositories

GitHub, the popular developer platform owned by Microsoft, confirmed it was hacked and attackers had stolen data from around 3,800 internal code repositories. The code hosting and sharing giant said ...
Bleeping Computer

GitHub confirms breach of 3,800 repos via malicious VSCode extension

Update May 21: GitHub has now linked this breach to the TanStack npm supply-chain attack and says the employee installed a malicious version of the Nx Console extension. GitHub has confirmed that ...
SecurityWeek

GitHub Confirms Hack Impacting 3,800 Internal Repositories

The TeamPCP hacking group accessed the repositories after a GitHub employee installed a poisoned VS Code extension. Microsoft-owned code-hosting platform GitHub on Wednesday morning confirmed that ...