Hackers Exploit Microsoft 365 Direct Send to Evade Filters and Steal Data

Hackers Exploit Microsoft 365 Direct Send to Evade Filters and Steal Data

Cybercriminals are exploiting Microsoft 365's Direct Send feature to bypass security filters and conduct phishing campaigns. This legitimate feature, designed for enterprise convenience, has become a vector for business email compromise attacks, prompting security researchers to raise alarms.
Oct 22, 2025 Actor: Cybercriminals Sector: Corporate Region: Global
Hackers Exploit Azure Apps to Create Malicious Apps Impersonating Microsoft

Hackers Exploit Azure Apps to Create Malicious Apps Impersonating Microsoft

A recent investigation revealed a critical loophole in Azure applications that allowed hackers to create malicious apps using reserved Microsoft names. This vulnerability enabled attackers to gain unauthorized access and escalate privileges within Microsoft 365 environments, posing significant risks to organizations.
Oct 22, 2025 Actor: Unknown Sector: Information Technology Region: Global