Hackers are abusing the Microsoft 365 Direct Send feature to deliver phishing emails that bypass email security controls.
The post Microsoft 365 Direct Send Abused for Phishing appeared first on SecurityWeek.
‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot
Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data from Copilot.
The post ‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot appeared first on SecurityWeek.
Proofpoint to Acquire Hornetsecurity in Reported $1 Billion Deal
Enterprise cybersecurity giant Proofpoint is buying Germany-based Microsoft 365 security solutions provider Hornetsecurity.
The post Proofpoint to Acquire Hornetsecurity in Reported $1 Billion Deal appeared first on SecurityWeek.
Microsoft 365 Targeted in New Phishing, Account Takeover Attacks
Threat actors are abusing Microsoft 365 infrastructure in a BEC campaign, and target its users in two brand impersonation campaigns.
The post Microsoft 365 Targeted in New Phishing, Account Takeover Attacks appeared first on SecurityWeek.
Knostic Secures $11 Million to Rein in Enterprise AI Data Leakage, Oversharing
Knostic provides a “need-to-know” filter on the answers generated by enterprise large language models (LLM) tools.
The post Knostic Secures $11 Million to Rein in Enterprise AI Data Leakage, Oversharing appeared first on SecurityWeek.
Chinese Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts
A China-linked botnet powered by 130,000 hacked devices has targeted Microsoft 365 accounts with password spraying attacks.
The post Chinese Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts appeared first on SecurityWeek.