New Helix extortion group steals SharePoint data after compromising Microsoft 365 accounts through voice phishing and MFA ...
ACR Stealer campaigns use ClickFix lures, JPEG steganography, and WebDAV to steal browser tokens, passwords, PDFs, and synced ...
An attacker broke into competitive-intelligence vendor Klue, stole OAuth tokens its customers use to connect to Salesforce and other platforms, and accessed data across multiple customer environments ...
A new data-extortion group called Helix is using identity-focused tactics such as voice phishing (vishing), device code ...
Microsoft has observed a surge in attacks using the ACR Stealer malware to steal browser-stored passwords, authentication ...
From late April 2026 to mid-June 2026, Microsoft Defender Experts observed increased ACR Stealer activity across customer ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Microsoft is extending Dataverse into coding-agent marketplaces while expanding its MCP tools, certification program and governance controls.
In other news, a DHS database was hacked, Adobe is releasing patches twice a month, and Canada has disrupted ransomware operations.