Content by Microsoft Defender Security Research Team (16)

The Microsoft Defender Security Research Team analyzes how malicious AI-themed browser extensions harvest LLM chat histories and enterprise data, highlighting significant security risks.

Microsoft Defender Security Research Team explores how attackers are abusing stolen EV certificates and trusted workplace app branding to deliver RMM backdoors via phishing. The article details infection chains, hunting, mitigations, and provides practical security guidance.

Authored by the Microsoft Defender Security Research Team, this article explores how OAuth redirection mechanisms are exploited to deliver phishing and malware, offering technical insight and actionable defense strategies.

The Microsoft Defender Security Research Team examines the unique security risks of self-hosted agents like OpenClaw, detailing how identity, isolation, and runtime controls are critical for safe deployment.

Microsoft Defender Security Research Team provides a detailed overview of the top 10 security risks in Copilot Studio agent deployments, offering practical detection and mitigation strategies for secure use of AI-powered business workflows.

Microsoft Defender Security Research Team explores how AI systems, including Microsoft 365 Copilot, are vulnerable to AI memory poisoning attacks—where malicious prompts manipulate AI recommendations. The article details attack vectors, detection methods, and defenses against this growing threat.

Microsoft Defender Security Research Team presents a technical walkthrough of a multi-stage attack exploiting SolarWinds Web Help Desk, with actionable defensive guidance and hunting tips.

The Microsoft Defender Security Research Team dissects the CrashFix variant of ClickFix, revealing how it combines malicious browser extensions, PowerShell obfuscation, and a portable Python-based RAT to compromise and persist on high-value Windows systems.

The Microsoft Defender Security Research Team analyzes how modern infostealer malware campaigns, including those targeting macOS and Python-based attacks, are evolving. This piece provides actionable security insights and is essential reading for security professionals.

The Microsoft Defender Security Research Team details the LangGrinch (CVE-2025-68664) vulnerability affecting AI supply chains, with actionable guidance for enterprise security using Microsoft Defender tools.

The Microsoft Defender Security Research Team explains how security analysts can use AI to extract and validate TTPs from threat reports. Authored by the Defender Research Team, this workflow streamlines detection analysis while keeping experts in the loop.

The Microsoft Defender Security Research Team shares in-depth guidance on securing Microsoft Copilot Studio AI agents at runtime, demonstrating how Defender’s real-time protection thwarts malicious prompt injections and data exfiltration attempts.

Microsoft Defender Security Research Team investigates a sophisticated AiTM phishing and BEC attack campaign leveraging SharePoint, providing in-depth insights, detection analytics, and actionable defense strategies for security practitioners.

The Microsoft Defender Security Research Team examines security challenges arising from autonomous AI agents and demonstrates how Microsoft Defender helps secure these systems. Key strategies and posture management capabilities for multi-cloud environments are highlighted.

Microsoft Defender Security Research Team delivers expert analysis of the React2Shell vulnerability (CVE-2025-55182) in React Server Components, providing mitigation strategies and Defender integration guidance for securing enterprise systems.

Microsoft Defender Security Research Team presents an in-depth analysis of the Shai-Hulud 2.0 attack, offering actionable detection, investigation, and defense guidance for developers and security professionals in cloud-native environments.