The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.

Eset says China-aligned Webworm added Discord- and Microsoft Graph-based backdoors, custom proxies and cloud-staged malware ...

ESET Research uncovered and analyzed the latest activities and arsenal of China-aligned Webworm advanced persistent threat ...

Microsoft says Storm-2949 targets Microsoft 365 and Azure environments using MFA abuse, password resets, and cloud data theft ...

China-linked Webworm APT expands beyond Asia, targeting European government organizations and refining its cyber espionage ...

Google followed its Cloud Next '26 Gemini Enterprise Agent Platform rollout and its Antigravity CLI transition with a broader I/O 2026 agent-development stack spanning Agent Studio, Managed Agents API ...

EchoCreep, which uses Discord for C&C communication, and GraphWorm, which uses Microsoft Graph API for the same purpose. The ...

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

A series of 2026 comparisons shows Microsoft Copilot outperforming ChatGPT for most Microsoft 365 and Windows users, thanks to deep integration, a free tier, and enterprise security. ChatGPT remains ...

Microsoft says that an ongoing Universal Print sharing issue that prevents users from creating some printer shares is due to a Microsoft Graph API code change. Universal Print is a cloud-based print ...

Microsoft has announced that from next month, files deleted from your OneDrive cloud will no longer appear in the local Recycle Bin or Trash. To recover a file, you will now need to grab it from the ...