You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
phishing
About this tag
Phishing attacks continue to evolve beyond fake login pages, as shown in recent WindowsForum.com discussions. The Kali365 device-code scam hijacks Microsoft 365 accounts by abusing legitimate sign-in flows, while Russian-linked phishing targets encrypted messaging apps like Signal and WhatsApp. ClickFix scams now use Windows Terminal to deliver Lumma Stealer, and a Reprompt attack on Copilot Personal enables one-click data exfiltration. Microsoft Security Copilot helps organizations like Toyota Leasing Thailand accelerate phishing triage. Passkeys offer a defense against credential theft, and Edge spoofing flaw CVE-2025-65046 shows how UI deception can aid phishing. Users are advised to back up data and avoid clicking suspicious upgrade prompts.
The FBI warned in May 2026 that Kali365, a phishing-as-a-service platform first seen in April and distributed mainly through Telegram, is being used to hijack Microsoft 365 accounts by abusing Microsoft’s legitimate device-code sign-in flow. The important word there is not “phishing.” It is...
CISA and the FBI issued an updated June 2026 public warning that Russian intelligence-linked cyber actors are continuing phishing campaigns against commercial messaging applications, expanding on a March alert with newer tactics, mitigations, and examples of fraudulent messages. The important...
Microsoft’s security team has raised the alarm on a subtle but effective evolution of the long-running ClickFix social‑engineering scam: attackers are now tricking victims into opening Windows Terminal and pasting encoded commands directly into it, which in multiple observed chains results in...
A new, deceptively simple attack named “Reprompt” has exposed a critical weakness in Microsoft Copilot Personal: with a single click on a legitimate Copilot deep link an attacker could, under the right conditions, mount a multistage, stealthy data‑exfiltration chain that pulls names, locations...
I switched my Microsoft account from a password to a passkey — and within days the stream of automated sign-in attempts from unfamiliar countries turned into harmless noise because there was nothing left for attackers to guess.
Background: why this matters right now
Passwords are still the most...
Toyota Leasing Thailand’s security team turned to Microsoft Security Copilot to protect customer data and preserve trust, embedding the AI assistant into a Microsoft security stack (Defender, Entra, Purview) to accelerate phishing triage, reduce analyst toil, and deliver leadership-ready...
Microsoft has confirmed a Chromium‑based Microsoft Edge spoofing flaw, tracked as CVE‑2025‑65046, that allows a malicious page or a content script injected into a page to display a browser extension’s popup over a permission prompt or screen‑share dialog, enabling the extension UI to impersonate...
Microsoft’s latest upgrade push has turned into a cautionary tale: a combination of release‑pipeline bugs, confusing on‑screen messaging, and the ever‑present threat of scammy pop‑ups has left some users finding themselves on the wrong side of a Windows 11 installation without meaning to. The...
This morning’s inbox flood — five obvious spam messages slipping straight into the primary view of an Outlook user — is not an isolated annoyance. It’s a live demonstration of where Microsoft’s email stack still fails everyday people: spam and phishing still reach the inbox, user trust erodes...
Imagine a perfectly plausible Microsoft email — logo, tone, and even an apparent microsoft.com link — that quietly hands your credentials to a criminal because your brain read a visual illusion instead of the actual characters in the address. This is the new face of a classic trick...
RSA’s new RSA ID Plus for Microsoft lineup — anchored by the RSA ID Plus M1 SKU now generally available on the Microsoft Azure Marketplace — is a deliberate attempt to layer phishing‑resistant, passwordless identity controls and operational resilience on top of Microsoft Entra ID, with a...
The Louvre’s security humiliation—reports that a surveillance server could be accessed with the password “LOUVRE”—has turned a sensational daytime robbery of the Galerie d’Apollon into a wider institutional reckoning over museum cybersecurity, procurement failures and the real-world consequences...
Windows 11’s quiet, incremental upgrades have a habit of being overshadowed by flashy headlines — and right now the headline magnet is Copilot. But the single most consequential feature added to the OS in recent updates isn’t an AI assistant at all: it’s passkeys — a modern, cryptographic, and...
Microsoft Copilot Studio agents can be weaponized to deliver highly convincing OAuth consent phishing that results in stolen tokens and persistent account access — a technique researchers have labelled “CoPhish” that leverages legitimate Microsoft-hosted agent pages to evade traditional...
Microsoft’s Copilot Studio can be weaponized to steal OAuth tokens — an attack chain Datadog Security Labs has dubbed “CoPhish” — by hosting malicious agents on Microsoft domains and using the agents’ built‑in sign‑in workflows to deliver convincing OAuth consent prompts that exfiltrate tokens...
Microsoft’s Threat Intelligence team has described a stealthy, financially motivated operation dubbed “payroll pirate” that has, since March 2025, targeted U.S. universities to hijack payroll by compromising Exchange Online and HR SaaS accounts such as Workday and quietly redirecting salaries...
OpenAI says it has disrupted multiple ChatGPT accounts used by threat actors in Russia, China and North Korea who employed the chatbot to design, test and refine malware, credential‑stealers and phishing campaigns — a development that spotlights a fast‑evolving arms race between defensive model...
Google has quietly turned the Chrome toolbar into a direct gateway for Gemini — rolling out what the company calls the “biggest upgrade in its history,” a sweeping set of AI features that embed Gemini natively into the browser, surface an AI Mode in the address bar, and promise future “agentic”...
Microsoft’s free Windows 10 upgrade became a vehicle for a crop of convincing phishing emails that delivered file‑encrypting ransomware disguised as a legitimate installer, according to security researchers — a reminder that major platform announcements instantly become social‑engineering boons...
More than half of the world’s personal computers remain on Windows 10 even as Microsoft’s official support deadline looms, creating a wide and growing security gap that affects consumers, small businesses, and enterprise networks alike. New telemetry shared publicly via cybersecurity vendor...
22h2
activation
ai governance
ai security
ai threat landscape
ai tools
australian smbs
azure virtual desktop
backup
budget
chromebooks
chromeos flex
cloud pc
compliance risk
consumer esu
copilot echoleak
cve-2025-32711
cyber risk smb
cybersecurity
cybersecurity risks
data governance
digital license
disaster recovery
edr
end of life
end of support
end of support migration plan
enterprise esu
enterprise it
esu
esu program
extended security updates
generative ai
governance and risk
hardware compatibility
hardware refresh
hardware upgrade
incident response
installation assistant
inventory
iso
it planning
linux
linux alternatives
media creation tool
mfa
microsoft account
microsoft licensing
migration
patch management
pc health check
phishing
privacy
ransomware
risk management
rufus
secure boot
security checklist
security risks
security updates
small business
smb
smb security
tiny11
tpm
tpm 2.0
uefi
unofficial workarounds
unsupported hardware
unsupported upgrade
upgrade guide
upgrade options
windows 10
windows 10 22h2
windows 10 end of life
windows 10 end of support
windows 10 esu
windows 11
windows 11 migration
windows 11 requirements
windows 11 upgrade
windows 365
windows 365 cloud pc
windows backup
windows lifecycle
windows upgrade
zero-click exfiltration