Microsoft Threat Intelligence

5.9K posts

Microsoft Threat Intelligence banner
Microsoft Threat Intelligence

Microsoft Threat Intelligence

@MsftSecIntel

We are Microsoft's global network of security experts. Follow for security research and threat intelligence.

Redmond, WA Katılım Kasım 2010
995 Takip Edilen196.1K Takipçiler
Microsoft Threat Intelligence
Microsoft identified threat actor activity with overlapping tradecraft commonly associated with ShinyHunters, including voice phishing (vishing), supply-chain compromise, and misconfigured guest access targeting SaaS-based applications. msft.it/6016v0QtG Across intrusion paths, threat actors abused trusted OAuth relationships to gain unauthorized access, maintain persistence, and exfiltrate data at scale. By inheriting user and application privileges, threat actors were able to access customer data while evading traditional authentication-focused detections. Microsoft consulted with Salesforce to improve granularity in telemetry for Microsoft Defender for Cloud Apps with near-real-time detection, connected application attribution, and expanded application permission insights. Read the latest blog from the Microsoft Defender Research Team to learn how security teams can defend against SaaS-based attack paths.
English
2
19
65
9K
Microsoft Threat Intelligence
While investigating wiping attacks, Microsoft Threat Intelligence uncovered GigaWiper, a destructive backdoor that combines multiple wiping and ransomware-like capabilities into one implant. msft.it/6014vIRAe Our analysis found that the backdoor embeds previously separate malware families as on-demand commands: a standalone disk wiper, code derived from Crucio ransomware, and a reimplementation of the FlockWiper wiper in Golang. Read our latest blog for a code-level analysis of GigaWiper, detailed breakdowns of its persistence, command-and-control, and destructive capabilities, and guidance to help defenders investigate, detect, and defend against similar threats.
English
2
22
74
14.8K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
AI is accelerating vulnerability research on both sides of the security equation, enabling defenders to find and prioritize issues faster while also lowering barriers for threat actors. As these capabilities become more accessible, cybersecurity experts expect vulnerability volume to continue growing. msft.it/6018vtb2M The rapid pace of software development is making responsible disclosure increasingly complex. Security researchers must balance the value of publishing vulnerability findings that help defenders against the risk of making those same insights available to adversaries. Security teams face a future where AI-powered capabilities are available to nearly everyone, yet the impact extends beyond technology. As AI takes on more security tasks, cybersecurity professionals continue to wrestle with which decisions should remain human-driven and where expertise, judgment, and community matter most. Learn more from Casey Ellis, founder of Bugcrowd and co-founder of @disclose_io, on the Microsoft Threat Intelligence Podcast with Sherrod DeGrippo.
English
6
4
18
6.7K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
As enterprise deployments mature, some enterprise AI agents are shifting from reading content to taking action, creating opportunities for threat actors to misuse trust relationships within agent workflows. msft.it/6010vssTs In this blog, Microsoft Incident Response explores an attack pattern targeting Model Context Protocol (MCP) tools, where poisoned tool metadata can subtly influence agent decision-making and redirect legitimate workflows toward unintended actions and outcomes. Because each individual action appears legitimate, misuse can be difficult to identify. The issue lies in the trust boundary between approved tools, agent permissions, and connected systems rather than in any single system. Read the full analysis for a practical playbook, mapped to the OWASP Top 10 for Agentic Applications, including guidance to govern agent supply chains, establish stronger controls, and detect anomalous agent behavior.
English
9
7
29
9.2K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
Organizations should strengthen user awareness around AI-themed social engineering and use layered defenses that correlate indicators, behavioral signals, and threat intelligence. Read our latest blog for a detailed analysis of the malicious extension, along with Microsoft Defender detection, mitigation, and protection guidance.
English
0
1
7
3K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
While browser search hijacking is not new, this research highlights how threat actors are operationalizing AI to accelerate attacks, specifically the use of AI brands as a social engineering vector. msft.it/6012vsBDK
English
1
2
9
4K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
A malicious Chromium-based extension spoofed the AI-powered answer engine Perplexity AI to intercept browser search traffic and collect user input before redirecting users to expected search providers. msft.it/6011vsBDJ
English
8
15
65
15.9K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
A single intrusion exposed parallel activity from two unrelated threat actors operating at the same time, blending tactics, obscuring signals, and enabling sustained access while masking the full scope of the compromise. msft.it/6013vqXjW Microsoft Incident Response found activity associated with Storm-2603, including reconnaissance targeting on-premises SharePoint servers, persistence through legitimate tools, and multiple remote access channels. Investigators also uncovered a second threat actor whose use of DLL sideloading and custom backdoors complicated attribution and detection. The case highlights how overlapping intrusion activity can mask the full scope of an attack and why connected telemetry, coordinated response, and operational preparedness remain critical for defenders. Read the full cyberattack series report to learn more.
English
1
24
72
15.5K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
Microsoft Threat Intelligence has identified an active multi-stage intrusion campaign targeting hospitality organizations in Europe and Asia. The campaign uses photo-themed ZIP archives and fake image shortcut files to deliver a persistent Node.js implant and evade detection. msft.it/6010vUC3w Threat actors have continued to refine the campaign over time while maintaining the same core attack chain. Microsoft observed two distinct waves of activity, including changes to delivery mechanisms, infrastructure, and evasion techniques designed to help the operation persist and avoid detection. For example, the second wave demonstrates the resilience of the campaign's dual-persistence model. In one observed case, malicious payloads were blocked, yet Node.js persistence remained active and later re-established command-and-control (C2) communications through new infrastructure. Learn more about the campaign's evolution, phishing infrastructure, and persistence mechanisms, and review Microsoft Defender detections and recommendations to help organizations investigate and defend against this activity.
English
0
25
56
14.9K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
Microsoft Threat Intelligence has observed a supply chain attack targeting the Leo Platform/RStreams npm ecosystem. On June 24, 2026, at 23:04:55 UTC, a compromised maintainer account ("czirker") to publish malicious versions of 20+ npm packages in a coordinated, fully automated operation completed in under three seconds. Each malicious package ships a tiny binding.gyp and a large index.js, with no postinstall script. The attacker hides the install hook inside node-gyp's command expansion: the binding.gyp sources array contains /dev/null 2>&1 && echo stub.c), so npm install runs index.js at build time. index.js is a three-layer dropper: a ROT char code cipher, then AES-128-GCM (two encrypted blobs), then an obfuscator[.]io toolkit. The loader writes the toolkit to /tmp/p.js and runs it under the Bun runtime (downloaded as v1.3.13), not Node, to sidestep Node-based instrumentation and EDR module load detection. On a CI runner or workstation, the toolkit: - Steals runner memory: locates the GitHub Actions Runner.Worker process and reads /proc/{pid}/mem to lift secrets that CI masks in its logs - Sweeps credentials: AWS, GCP, Azure, HashiCorp Vault, Kubernetes, plus npm, PyPI, RubyGems, JFrog tokens, GitHub PATs, and 1Password - Exfiltrates with no C2 domain: commits the stolen secrets to an attacker-controlled GitHub repository using the victim's own GitHub token, a "dead drop" that defeats egress domain blocklists - Self-propagates: republishes any package the victim can publish to, bypassing npm 2FA (bypass_2fa) - Escalates and persists: on GitHub hosted runners write runner ALL=(ALL) NOPASSWD:ALL for sudo, and injects workflows requesting id-token: write This attack affects leo-logger@1.0.8, leo-sdk@6.0.19, leo-aws@2.0.4, leo-config@1.1.1, leo-streams@2.0.1, serverless-leo@3.0.14, leo-connector-mongo@3.0.8, serverless-convention@2.0.4, rstreams-metrics@2.0.2, leo-connector-elasticsearch@2.0.6, leo-auth@4.0.6, leo-cache@1.0.2, leo-cli@3.0.3, leo-cron@2.0.2, leo-connector-redshift@3.0.6, leo-connector-oracle@2.0.1, rstreams-shard-util@1.0.1, leo-connector-mysql@3.0.3, leo-cdk-lib@0.0.2, and solo-nav@1.0.1. Microsoft Defender for Endpoint customers should act on these alerts: - Trojan:JS/MiniShaiHrd[.]ZA!MTB (index.js) - Trojan:JS/PhantomWorm[.]DA!MTB (binding.gyp) - Suspicious Node.js process behavior - Suspicious installation of Bun runtime - Suspicious usage of Bun runtime - Suspicious script execution via Bun - Credential access attempt - Kubernetes secrets enumeration indicative of credential access Microsoft Defender for Cloud detects this activity: - Suspicious supply-chain compromise activity detected - Suspicious npm supply-chain compromise activity detected Customers can also check for these IOCs: - binding.gyp containing
Microsoft Threat Intelligence tweet media
English
3
29
75
19.8K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
Our latest blog examines how the infostealer economy feeds ransomware and other cybercriminal operations, provides an in-depth analysis of StealC and Amadey, and shares protection and detection guidance.
English
0
3
6
2.5K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) announced the takedown, suspension, and blocking of domains and command-and-control (C2) servers that formed the backbone of StealC and Amadey infrastructure. msft.it/6019voC9F
English
1
8
19
4.4K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
Infostealers like StealC and malware delivery services like Amadey play a central role in intrusions, turning compromises of consumer devices into an enterprise risk. msft.it/6018voC90 These threats harvest passwords, cookies, and session tokens that could allow attackers to bypass MFA.
English
2
19
40
9.4K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
Microsoft attributes the Mastra npm supply chain compromise to Sapphire Sleet, a North Korean actor that primarily targets the financial sector. Microsoft has observed use of known Sapphire Sleet infrastructure, malware, and tactics following compromise. msft.it/6011vmpUt
English
4
17
48
11.7K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
Research into AutoGen Studio identified an attack chain that could allow attacker-controlled web content rendered by a browsing agent to trigger arbitrary process execution on the host. msft.it/6016vl4uO The technique, which we call “AutoJack”, demonstrates a broader pattern in agent security: when an AI agent can browse untrusted content and interact with privileged local services, localhost could become an attack surface rather than a trust boundary. The issue was reported and addressed during development, and the affected surface was never included in a PyPI release. As AI agents gain access to browsers, tools, and local services, control planes must be authenticated, authorized, and isolated. Learn more and get mitigation and hunting guidance that defenders can use to assess similar risks across agent frameworks in this blog post from the Microsoft Defender Research team.
English
5
8
31
6.9K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
Microsoft has published an in-depth breakdown of the Mastra npm supply chain compromise, including a detailed analysis of the second-stage payload. Read the blog to get IOCs, along with recommendations for mitigation, detection, and hunting. msft.it/6015vlpIx
English
1
30
64
8.7K
Microsoft Threat Intelligence
Microsoft Threat Intelligence@MsftSecIntel·
Since February 2026, Microsoft Defender Experts have tracked a cryptocurrency clipper campaign that combines clipboard theft, wallet address replacement, worm-like functionality, and Tor-based communications, enabling both financial gain and continued access to devices. msft.it/6011vlu15 This campaign uses malicious .lnk files to deliver a worm and a script-based stealer. Upon execution, the clipper deploys a portable Tor client, routes traffic through a local SOCKS5 proxy, and blends data theft with remote code execution, turning a financially motivated stealer into a lightweight backdoor. Due to the nature of this attack chain, defenders should hunt for correlated behaviors rather than investigate isolated events. Read our latest blog to get our full analysis, as well as detection and mitigation guidance to help security teams investigate and contain similar activity in enterprise environments.
English
3
23
64
46.1K