July 1, 2025

Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations

Since 2024, Microsoft Threat Intelligence has observed remote information technology (IT) workers deployed by North Korea leveraging AI to improve the scale and sophistication of their […]
May 22, 2025

Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer

Over the past year, Microsoft observed the persistent growth and operational sophistication of Lumma Stealer, an infostealer malware used by multiple financially motivated threat actors to […]
March 14, 2025

Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware

Starting in December 2024, leading up to some of the busiest travel days, Microsoft Threat Intelligence identified a phishing campaign that impersonates online travel agency Booking.com […]
March 7, 2025

Malvertising campaign leads to info stealers hosted on GitHub

In early December 2024, Microsoft Threat Intelligence detected a large-scale malvertising campaign that impacted nearly one million devices globally in an opportunistic attack to steal information. […]