A vulnerability chain dubbed AutoJack in Microsoft’s AutoGen Studio interface for prototyping AI agents could let attackers manipulate an agent into executing arbitrary commands on its host system ...

Researchers detail REF8372, a malvertising campaign using fake Node.js ads, Storj-hosted payloads, and OXLOADER to deploy ...

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...

Microsoft links the recent Mastra AI npm supply chain attack to , a North Korean group known for cryptocurrency theft ...

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...

Microsoft says North Korean-linked BlueNoroff compromised a Mastra npm maintainer account and published more than 140 ...

CI/CD pipelines are optimized for code deployments. Long-running operational processes and self-service workflows can be ...

Microsoft’s AutoJack research shows how a malicious webpage rendered by an AI browsing agent can reach local MCP services and ...

An urgent alert has been issued to millions of Windows users after the discovery of a new scam that offers Office and Spotify ...

Microsoft has identified Crypto Clipper, a self-propagating malware that spreads via USB drives, stealing cryptocurrency ...