A threat actor has been abusing link wrapping services from reputed technology companies to mask malicious links leading to ...

Some Republican-controlled states are moving to redraw legislative maps to pad their party's narrow House majority in ...

Microsoft announced that Chinese state-sponsored hackers had exploited vulnerabilities in its popular SharePoint software but ...

The ongoing campaign, first detected in early 2025, is designed to use the OAuth applications as a gateway to obtain ...

External workbook links which point to file types blocked by Excel's Trust Center will be disabled by default starting in October 2025, as Microsoft tightens down on reducing the potential security ...

A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor, and can be exploited to execute remote code with developer privileges.

Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to ...

Threat actors abuse Proofpoint and Intermedia link wrapping to deliver phishing emails and steal Microsoft 365 credentials.

Over the past three months, our threat analysts have noticed a significant spike in attackers abusing Microsoft 365’s Direct Send feature—a tool intended for devices like printers or scanners to send ...

A new SharePoint exploit bypassed Microsoft’s patch, exposing over 8,000 systems and revealing deep flaws in on-premise ...

Nightfall AI launches Nyx, the first autonomous data loss prevention platform using AI to cut false alerts by 90% and protect enterprise data from insider threats and ChatGPT leaks.