How a Microsoft 365 Copilot Flaw Turned Diagrams Into Data-Stealing Traps
#CyberSecurity #AI #Microsoft #InfoSec #M365Copilot #Vulnerability #DataBreach #Microsoft365 #AISafety #PromptInjection #DataSecurity #TechNews #MSRC #AIsecurity #EnterpriseIT
Microsoft fesses up! SharePoint servers hacked. Hundreds of organizations have been breached.
On July 19, Microsoft Security Response Center (MSRC) published a blog outlining active attacks against on-premises instances of SharePoint servers that exploit CVE-2025-49706, a spoofing vulnerability, and CVE-2025-49704, a remote code execution vulnerability.
Microsoft indicated multiple actors, including Chinese nation-state hackers Linen Typhoon and Violet Typhoon, are working to exploit these vulnerabilities.
The US Department of Energy confirmed that the National Nuclear Security Administration, which oversees and maintains US nuclear weapons, was breached.
https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/ #Hackers #China #CyberSecurity #Security #SharePoint #Microsoft #MSRC #LinenTyphoon #VioletTyphoon
Does anybody happen to work for the #Microsoft #Security #Response #Center #MSRC ?
I just applied to https://jobs.careers.microsoft.com/global/en/job/1803115 and wanted to touch base with someone internally, to prove that I'm a real human and not an AI agent 😂
The final day of #ZeroDayQuest was truly a blast 💥 While I’m still unpacking all that has happened (not to mention a baggage full of swag), I’d like to thank once again #MSRC for their warm welcome and impeccable organization.
I’m so happy to have been part of an event that has already made history in our industry. Congratulations to all the winners! Cheers, my friends 🥂
Microsoft Security Update Guide
https://msrc.microsoft.com/update-guide/vulnerability
#Infosec #Security #Cybersecurity #CeptBiro #Guide #MisesAjour #Microsoft #WindowsUpdate #MSRC
Is #Microsoft #Defender for #Identity part of the #MSRC #Bounty program?
Asking for a friend.
Happy to announce that, with 23 valid reports and 660 total case points, I’m 25th worldwide in this year’s #MSRC Most Valuable Researcher (#MVR) leaderboard!
https://msrc.microsoft.com/leaderboard
Stay tuned to the @hnsec blog for a comprehensive writeup. And, who knows, perhaps even a conference talk is brewing…
Reporting issues in Windows. 🤡
* August 25, 2023: Issue reported to MSRC.
…
* April 9, 2024: Fix released as CVE-2024-20693.
* April 25, 2024: MSRC asks Microsoft Bounty Team for an update, CCing us.
* April 26, 2024: Microsoft Bounty Team sends back a boilerplate reply that the case is under review.
* May 17, 2024: MSRC asks Microsoft Bounty Team for an update, CCing us again.
* May 22, 2024: Microsoft Bounty Team replies that the vulnerability is out of scope for a bounty, claiming it wasn’t reproduced on the right WIP build.
New Microsoft Security Response Center (MSRC) security advisory for Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability CVE-2024-29991 (5.0 medium). A lot of information is revealed: attack complexity=high, and MSRC says that it would need to be used in an exploit chain for an attack. An attacker must send the user a malicious file and convince them to open it. 🔗 https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-29991