August 6, 2025
Defender Experts now offers 24/7, expert-driven protection for cloud workloads, beginning with hybrid and multicloud servers in Microsoft Defender for Cloud. Additionally, third-party network signals can […]
August 5, 2025
We’re thrilled to share that this year, the Microsoft Bounty Program has distributed $17 million to 344 security researchers from 59 countries, the highest total bounty awarded […]
August 5, 2025
In today’s AI-first world, identity and network access are the first touchpoints for enforcing least privilege and protecting against sophisticated, identity-based attacks—but for many organizations, that […]
August 4, 2025
Last year, we announced the largest hacking event in history: Zero Day Quest, with up to $4 million in bounty awards. The response from the global […]
August 1, 2025
In today’s fast-evolving landscape, where businesses balance on-premises systems and cloud resources, identity-based cyberthreats are growing more frequent and sophisticated. The question isn’t whether an identity […]
August 1, 2025
Microsoft Threat Intelligence has uncovered a cyberespionage campaign by the Russian state actor we track as Secret Blizzard that has been targeting embassies located in Moscow […]
July 31, 2025
We’re excited to announce significant updates to the Microsoft .NET Bounty Program. These changes expand the program’s scope, simplify the award structure, and offer great incentives for […]
July 31, 2025
We’re excited to announce significant updates to the Microsoft .NET Bounty Program. These changes expand the program’s scope, simplify the award structure, and offer great incentives for […]
July 29, 2025
Summary The growing adoption of large language models (LLMs) in enterprise workflows has introduced a new class of adversarial techniques: indirect prompt injection. Indirect prompt injection […]
July 29, 2025
Microsoft Threat Intelligence has discovered a macOS vulnerability that could allow attackers to steal private data of files normally protected by Transparency, Consent, and Control (TCC), […]
July 23, 2025
You can’t protect what you can’t see. Security operations teams have long been faced with the challenge of managing massive, fast-growing datasets, and the cost of […]
July 23, 2025
On July 19, 2025, Microsoft Security Response Center (MSRC) published a blog addressing active attacks against on-premises SharePoint servers that exploit CVE-2025-49706, a spoofing vulnerability, and […]