Content by Microsoft Defender Experts and Microsoft Defender Security Research Team (3)

From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities

Microsoft Defender Experts and Microsoft Defender Security Research Team break down a cryptojacking campaign that uses SEO poisoning (and AI chatbot referrals) to deliver trojanized “utility” downloads, then abuses ScreenConnect for persistent access and hides mining activity via process hollowing into Microsoft-signed .NET Framework binaries.
News

Contagious Interview: Malware delivered through fake developer job interviews

Microsoft Defender Experts and the Microsoft Defender Security Research Team expose the Contagious Interview campaign, detailing how fake technical interviews target developers with malware. Their research highlights attack methods, malware payloads, and practical protection strategies.
News

Malicious Next.js Repositories Used in Developer-Targeting Attack: RCE and C2 via Build Workflows

Microsoft Defender Experts and the Security Research Team provide an in-depth report on a developer-targeted campaign using malicious Next.js repositories that exploit common coding workflows. The analysis details how attackers achieve remote code execution and persistent C2, with actionable security guidance.
News
