Defense at AI speed: Microsoft’s new multi-model agentic security system tops leading industry benchmark
In this article 1. AI-powered vulnerability discovery at hyper-scale 2. Codename: MDASH—Microsoft Security’s new multi-model agentic scanning harness 3. Using codename MDASH for security research 4. The 5.12.2026 Patch Tuesday cohort 5. Two deep dives 1. CVE-2026-33827—Remote unauthenticated UAF ...
Strengthening secure software at global scale: How MSRC is evolving with AI
Cybersecurity has always been a race between defenders and attackers, constrained by human time, attention, and scale. What is changing now is the level of capability available to apply security fundamentals with far greater reach and speed...
`time_calibrator` was removed from crates.io due to malicious code
It was reported that `time_calibrator` contained malicious code that would try to upload .env files to a server. The malicious crate had only 1 version, published on 2026-02-28, and no evidence of actual usage. The crate was removed from crates.io and the user account was locked. There were no crates...
`tracings` was removed from crates.io for malicious code
This is part of an ongoing campaign to typosquat crates in an attempt to exfiltrate Polymarket credentials. The malicious crate had 1 version published on 2026-02-26, approximately 9 hours before removal, and had no evidence of actual usage. The only crate depending on this crate was the...
AgenticCyber: A GenAI-Powered Multi-Agent System for Multimodal Threat Detection and Adaptive Response in Cybersecurity
The increasing complexity of cyber threats in distributed environments demands advanced frameworks for real-time detection and response across multimodal data streams. This paper introduces AgenticCyber, a generative AI powered multi-agent system that orchestrates specialized agents to monitor...
Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery
Eclipse Foundation, which maintains the open-source Open VSX project, said it has taken steps to revoke a small number of tokens that were leaked within Visual Studio Code (VS Code) extensions published in the marketplace. The action comes following a report from cloud security company Wiz earlier...
CISA Known Exploited Vulnerabilities May 2025: A Guide
Your vulnerability management backlog is probably overflowing. With thousands of new CVEs disclosed every year, it’s impossible to patch everything, and trying to do so leads to burnout and wasted effort. The CISA KEV catalog is the answer to this overwhelming noise. It’s not just another list of...
EUVD-2012-4596
Malware in sbrugna...
EUVD-2025-7513
Malicious code in bioql PyPI...
When Dependencies Turn Dangerous: Responding to the NPM Supply Chain Attack
On September 8, 2025, attackers compromised a set of 18 widely used npm packages—including chalk, debug, ansi-styles, and strip-ansi—collectively downloaded over 2.6 billion times per week. Through a targeted phishing campaign against a maintainer, the attackers published malicious versions...
Microsoft Bounty Program year in review: $17 million in rewards
We’re thrilled to share that this year, the Microsoft Bounty Program has distributed $17 million to 344 security researchers from 59 countries, the highest total bounty awarded in the program’s history. In close collaboration with the Microsoft Security Response Center (MSRC), these security...
Disrupting active exploitation of on-premises SharePoint vulnerabilities
July 23, 2025 update – Expanded analysis and threat intelligence from our continued monitoring of exploitation activity by Storm-2603 leading to the deployment of Warlock ransomware. Based on new information, we have updated the Attribution, Indicators of compromise, extended and clarified...
Understanding Malware Propagation Dynamics through Scientific Machine Learning
Accurately modeling malware propagation is essential for designing effective cybersecurity defenses, particularly against adaptive threats that evolve in real time. While traditional epidemiological models and recent neural approaches offer useful foundations, they often fail to fully capture the...
Rising star: Meet Dylan, MSRC’s youngest security researcher
At just 13 years old, Dylan became the youngest security researcher to collaborate with the Microsoft Security Response Center (MSRC). His journey into cybersecurity is inspiring—rooted in curiosity, resilience, and a deep desire to make a difference. Early beginnings: From scratch to security...
MAL-2025-4557 Malicious code in eu.netherlands3d.address-search (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f727ab240e8ede9cc0244f08ca9bd30bf5f5d1275e1e93940d6758c3523ee989 Any computer that has this package installed or running should be considered...
UK Retail Giant Co-op Shuts Down IT Systems After Cyberattack Attempt
Retailer Acts Swiftly to Limit Threat as UK Retail Sector Faces Growing Digital Risks...
Zero Day Quest 2025: $1.6 million awarded for vulnerability research
This month, the Microsoft Security Response Center recently welcomed some of the world’s most talented security researchers at Microsoft’s Zero Day Quest, the largest live hacking competition of its kind. The inaugural event challenged the security community to focus on the highest-impact securit...
Updated rust packages fix security vulnerability
The Rust Security Response WG was notified that the Rust standard library did not properly escape arguments when invoking batch files with the `bat` and `cmd` extensions on Windows using the `Command` API. An attacker able to control the arguments passed to the spawned process could execute arbitrary...
MAL-2025-2782 Malicious code in resolver-options (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68b3b87faef2aa88da0714f9641eef9b258d050775eb10ec9fac90abbae5d8b6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2663 Malicious code in datahub-react-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1d82378a4b4eeb1355f9d5fbee783eb02ebfd625e5b7480f1ab594461b8d90d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...