Unwitting employees register a hacker’s device to their account; the crook then uses the resulting OAuth tokens to maintain persistent access.

Microsoft Edge for Business adds Copilot workspace grounding and page summarization, rolling out earlier than planned to eligible tenants.

Meta Description: Complete guide to Microsoft Copilot for Education. Learn about the Teach feature, Learning Accelerators, ...

Ukraine's defenders have spotted a new hacking attack ...

Microsoft is expanding data loss prevention (DLP) controls to block the Microsoft 365 Copilot AI assistant from processing ...

AI attackers exploit Microsoft 365 misconfigurations at scale, with 13M phishing emails blocked in October 2025.

A hacker noticed the change in its status and hijacked the dead add-in and its 4.71-star rating to conduct a phishing ...

Hackers hijacked a legitimate Outlook add-in and turned it into a phishing kit, stealing over 4,000 Microsoft credentials ...

Microsoft said the bug meant that its Copilot AI chatbot was reading and summarizing paying customers' confidential emails, bypassing data protection policies.

Microsoft has released emergency out-of-band security updates to patch a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The security feature bypass vulnerability, tracked ...

ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this week’s threat landscape.

A Microsoft Outlook add-in was abandoned and taken over by hackers, who used it to collect email accounts and banking data.