Threat actors leverage tax season to deploy tax-themed phishing campaigns

As Tax Day approaches in the United States on April 15, Microsoft has observed several phishing campaigns using tax-related themes[…]

Read More

Threat actors misuse Node.js to deliver malware and other malicious payloads

Since October 2024, Microsoft Defender Experts (DEX) has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware[…]

Read More

Threat actors misuse OAuth applications to automate financially driven attacks

Threat actors are misusing OAuth applications as an automation tool in financially motivated attacks. OAuth is an open standard for[…]

Read More

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware

Since mid-April 2024, Microsoft Threat Intelligence has observed the threat actor Storm-1811 misusing the client management tool Quick Assist to[…]

Read More

Threat actors strive to cause Tax Day headaches

Threat actors often take advantage of current events and major news headlines to align attacks and leverage social engineering when[…]

Read More