Multiple Russian nation-state actors are targeting sensitive Microsoft 365 accounts via device code authentication phishing, a new analysis by Volexity has revealed. The firm first observed this ...

Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. Threat actors have long sought after code-signing certificates ...

Microsoft 365 is under attack, China and Russia afflited hackers suspected. Updated December 23 with advice from a mobile security solutions expert regarding the Russian device code attacks targeting ...

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...

Microsoft’s nation-state security incident continues to be a headache for the company. Microsoft’s nation-state security incident continues to be a headache for the company. is a senior editor and ...

Forbes contributors publish independent expert analyses and insights. A hacked Microsoft account is usually fairly straightforward to fix, and there are measures you can take to keep your account safe ...

If your Microsoft account keeps asking for a password multiple times a day, then it is mostly because the security has doubts about your account and there is something that triggers a check. Some of ...

A phishing scam posing as a Microsoft security alert is targeting users with emails that claim an alert has been triggered on their account. The link appears safe at first glance, often pointing to a ...