Microsoft is a organization tracked across 50 threat clusters and 342 intelligence report mentions on ThreatCluster. First observed October 27, 2025; most recent activity July 17, 2026.
Microsoft Office 2016 to 2024 and Office 365 apps are affected by a zero-day vulnerability (CVE-2026-21509) that is currently being exploited in attacks. Microsoft has released emergency security updates to address this…
Russian state-backed hackers from APT28 are actively exploiting a high-severity stored cross-site scripting vulnerability (CVE-2025-66376) in the Zimbra Collaboration Suite (ZCS) to target Ukrainian government entities.…
The Russian Foreign Intelligence Service (SVR) has been exploiting multiple vulnerabilities, including the SolarWinds breach, to compromise U.S. and allied networks. The SolarWinds attack, which began in September 2019,…
A critical vulnerability in FortiWeb Web Application Firewall (WAF) has been actively exploited, allowing attackers to gain full administrative access to affected systems. Organizations using FortiWeb are at risk of…
Russian cyber group APT28, also known as Fancy Bear, has been exploiting vulnerabilities in TP-Link and MikroTik routers to conduct large-scale DNS hijacking operations. This campaign, which has affected over 18,000…
On March 11, 2026, the Iranian-linked hacking group Handala executed a significant cyberattack on Stryker, a major U.S. medical technology company, causing a global disruption across its Microsoft environment. The…
In July 2026, Adobe and Microsoft released significant security updates addressing numerous vulnerabilities. Adobe issued 12 bulletins for 88 unique CVEs, with a focus on ColdFusion and Commerce patches, including a…
The TeamPCP threat group has expanded its supply chain attack campaign, compromising the Microsoft DurableTask Python client with versions v1.4.1, v1.4.2, and v1.4.3 found to contain a credential-stealing worm. This…
Microsoft has patched a high-severity zero-day vulnerability in Exchange Server, tracked as CVE-2026-42897, which allows attackers to execute arbitrary JavaScript via crafted emails in Outlook Web Access. The flaw…
CVE-2026-21514 is a security feature bypass vulnerability in Microsoft Word, disclosed on February 10, 2026. This flaw allows attackers to exploit nearly 14 million assets across seven Tier 1 countries, primarily in the…