Social Engineering
The latest Social Engineering coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft 365 OAuth Phishing: Key Threats and Zero Trust Defenses
Microsoft 365 has become a prime target for cybercriminals leveraging OAuth phishing attacks, a sophisticated form of credential theft that bypasses traditional security measures. These attacks...
Phishing Attacks Exploit Microsoft Copilot: A Growing Cybersecurity Concern
Introduction As organizations increasingly integrate AI-powered tools like Microsoft Copilot into their workflows, cybercriminals are exploiting these technologies to launch sophisticated phishing...
March 2025 Patch Tuesday: Microsoft Addresses 50+ Security Flaws Including 6 Zero-Day Exploits
Microsoft's March 2025 Patch Tuesday has arrived with critical updates addressing over 50 security vulnerabilities, including six actively exploited zero-day flaws affecting Windows 10, Windows 11,...
Phantom Goblin malware steals Windows credentials via fake job offers and invoices
The cybersecurity landscape has witnessed the emergence of Phantom Goblin, a sophisticated stealer malware that leverages social engineering tactics to compromise Windows systems. This advanced...
Russian APT29 Exploits Microsoft 365 Device Code Flow in Sophisticated Consent Phishing Attacks
The digital battleground has shifted once again, with cybersecurity researchers uncovering a sophisticated Russian state-sponsored campaign exploiting Microsoft 365's authentication infrastructure....
Fake Chrome update scams surge 240%, target Windows 10 and 11 users with info-stealers
Windows users are facing a growing threat from sophisticated fake browser update scams that deliver malware through social engineering tactics. These attacks mimic legitimate update prompts to trick...
Russian Cyber Attacks Exploit Microsoft 365 Device Code Authentication in Phishing Campaigns
Russian state-sponsored hackers are actively exploiting Microsoft 365's device code authentication flow in sophisticated phishing campaigns targeting government and corporate networks. Cybersecurity...
Exploiting Microsoft Device Code Authentication: An Emerging Threat to Microsoft 365 Security
Introduction In recent months, cybersecurity researchers and Microsoft have uncovered a sophisticated new threat targeting Microsoft 365 (M365) accounts through an unexpected vulnerability: the...
Protecting Your Microsoft 365: Beware the New Phishing Campaign Targeting Device Code Authentication
Microsoft 365 users are facing a sophisticated new phishing campaign that exploits device code authentication, putting sensitive business data at risk. Security researchers have identified this...
Cybersecurity Alert: Ransomware Exploits Target Microsoft Office 365 and Teams Vulnerabilities
Introduction Cybersecurity alarms have been raised due to active exploitation of vulnerabilities and misconfigurations in Microsoft Office 365 and Microsoft Teams. Over recent months, sophisticated...
Advanced Phishing Attacks Exploit Microsoft 365: Strategies for Protection
Introduction Phishing scams have long been a persistent threat in the cybersecurity landscape, continually evolving to bypass traditional defenses. Recent reports from Fortinet's FortiGuard Labs...