Microsoft

Analysis of active exploitation of SolarWinds Web Help Desk

We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain ...
Bleeping Computer

Microsoft 365 to let SecOps lock hacked Active Directory accounts

Microsoft is updating Microsoft Defender for Identity to allow security operations (SecOps) teams to block attacks by locking a compromised user's Active Directory account. Microsoft Defender for ...
WinBuzzer

February 2026 Patch Tuesday: Microsoft Fixes 6 Active Zero-Days

Microsoft has patched six exploited zero-days in February 2026 Patch Tuesday, addressing 58 vulnerabilities and triggering ...
Microsoft

Copilot Studio agent security: Top 10 risks you can detect and prevent

Copilot Studio agents are increasingly powerful. With that power comes risk: small misconfigurations, over‑broad sharing, unauthenticated access, and weak orchestration controls can create real ...
Redmondmag.com

Microsoft Warns of Active SolarWinds Web Help Desk Exploitation

Microsoft's Defender Security Research Team has observed threat actors actively exploiting internet-exposed SolarWinds Web Help Desk instances in multi-stage intrusions that led to lateral movement ...