The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal credentials and wallet data.
The Hacker News

Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions

Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring any specialized conditions to be ...
Dark Reading

China's Webworm Uses Discord, Microsoft Graphs to Hack EU Governments

A China-backed persistent threat actor known as Webworm is targeting governmental organizations across Europe, and it's using unusual command-and-control mechanisms to do so. Security vendor ESET this ...
TechRepublic

Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed

More than 1,300 internet-exposed SharePoint servers remain unpatched against CVE-2026-32201, a spoofing flaw Microsoft says was exploited as a zero-day. More than 1,300 internet-exposed Microsoft ...
Bleeping Computer

Microsoft traces Universal Print issues to Graph API code change

Microsoft says that an ongoing Universal Print sharing issue that prevents users from creating some printer shares is due to a Microsoft Graph API code change. Universal Print is a cloud-based print ...
Bleeping Computer

New GoGra malware for Linux uses Microsoft Graph API for comms

A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy payload delivery. The malware is developed by Harvester, an espionage group ...
SecurityWeek

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

Microsoft’s latest Patch Tuesday updates fix 165 vulnerabilities, including a SharePoint zero-day that has been exploited in the wild. The exploited SharePoint Server vulnerability is tracked as ...
Visual Studio Magazine

Microsoft Ships Production-Ready Agent Framework 1.0 for .NET and Python

Microsoft says Agent Framework 1.0 is the production-ready release, with stable APIs and long-term support for both .NET and Python. The framework is presented as a unified successor path that builds ...
Redmond Magazine

Microsoft's SharePoint Turns 25, Rolls Out Agentic AI Building and Governance Tools

Microsoft introduced AI in SharePoint, enabling natural language-driven site, page and list creation under the Microsoft 365 Copilot license. Advanced AI capabilities initially rely on Anthropic's ...
TechRepublic

Microsoft Is Retiring Standalone SharePoint, OneDrive Plans

Microsoft will retire standalone SharePoint Online and OneDrive for Business plans, ending sales in June 2026 and service in December 2029. Microsoft is making a big change to how businesses buy ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

Infostealer threats are rapidly expanding beyond traditional Windows-focused campaigns, increasingly targeting macOS environments, leveraging cross-platform languages such as Python, and abusing ...