Filings: How Amazon’s $50B OpenAI deal actually works, and what they’re keeping secret

Amazon's $50 billion OpenAI investment made big headlines, but the SEC filings tell a more complicated story.
Microsoft

Malicious AI Assistant Extensions Harvest LLM Chat Histories

Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek.
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...
The Hacker News

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

Starkiller phishing suite uses live reverse proxying to bypass MFA, while attackers abuse OAuth device codes to hijack Microsoft 365 accounts.

Microsoft expands Online Services Bug Bounty with new programs for Azure and Project Spartan

As Online Services Bug Bounty Program grows, it will not envelope two of Microsoft’s new online services: Azure is Microsoft’s cloud platform and the backbone of Microsoft cloud services. This program ...