Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
WinBuzzer

Malicious VS Code Extensions Steal Code from 1.5M Developers

Two malicious VS Code extensions have exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million ...
CSOonline

Critical vulnerability in IBM API Connect could allow authentication bypass

Rated 9.8 out of 10 in severity, the flaw could allow a remote attacker to gain unauthorized access to applications. IBM is urging customers to quickly patch a critical vulnerability in its API ...
CSOonline

SAML authentication broken almost beyond repair

Black Hat Europe 2025: Multiple hacking techniques allow researchers to bypass XML signature validation while still presenting valid SAML documentation to an application. Researchers have uncovered ...
Reuters

Microsoft, Nvidia to invest in Anthropic as Claude maker commits $30 billion to Azure

Nvidia commits up to $10 billion, Microsoft up to $5 billion to Anthropic Partnership aims to reduce Microsoft, Nvidia reliance on OpenAI — analysts Anthropic's business has boomed thanks to its ...
Bleeping Computer

OAuth Device Code Phishing: Azure vs. Google Compared

Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...
Pew Research Center

What we know about energy use at U.S. data centers amid the AI boom

Artificial intelligence has developed rapidly in recent years, with tech companies investing billions of dollars in data centers to help train and run AI models. The expansion of data centers has ...
9to5Mac

WhatsApp bans AI chatbots from using its business API

Starting next year, AI companies won’t be allowed to use WhatsApp as a chat interface. Here are the details. For the past few months, companies such as OpenAI and Perplexity have launched phone ...
TechCrunch

WhatsApp changes its terms to bar general-purpose chatbots from its platform

Update (15 January, 2025): Meta’s new rules go into effect from today. Companies like OpenAI, Perplexity, and Microsoft have already announced that their WhatsApp chatbot will stop working. Regulators ...
InfoWorld

Using Microsoft’s Data API builder for Azure databases

Microsoft’s declarative REST and GraphQL API design tool supports MySQL and Postgres as well as Azure databases and works anywhere you can run a Docker container. Microsoft Azure is now so big it’s ...
Dark Reading

Critical Azure Entra ID Flaw Highlights Microsoft IAM Issues

A critical Microsoft authentication vulnerability could have allowed a threat actor to compromise virtually every Entra ID tenant in the world. The elevation of privilege (EoP) vulnerability, tracked ...
Bleeping Computer

Microsoft to enforce MFA for Azure resource management in October

Starting in October, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect Azure clients from unauthorized access attempts. This change is part ...