The Circuitry

Microsoft/Cloud

M365, Entra ID, Azure, Intune, Defender, Purview, Copilot, and security advisories.

8 stories
By Xavier Rivera · Microsoft/Cloud · via BleepingComputer · 1.5 min read

Cops Dismantle Router Hijacks Stealing M365 Logins

International authorities disrupt FrostArmada, an APT28 operation hijacking MikroTik and TP-Link routers to steal Microsoft 365 credentials. The takedown protects enterprises from credential theft that could lead to widespread cloud breaches.

Read article
BREAKING · By Xavier Rivera · Microsoft/Cloud · via BleepingComputer · 1.5 min read

Germany Names REvil and GandCrab Ransomware Leaders

German Federal Police identify Denis Postov and Aleksandr Ermakov as leaders of REvil and GandCrab ransomware operations from 2019-2021. The move advances accountability for cybercrime kingpins, potentially disrupting ongoing threats through international sanctions and arrests.

Read article
BREAKING · By Xavier Rivera · Microsoft/Cloud · via BleepingComputer · 1.5 min read

Researcher Leaks BlueHammer Windows Zero-Day Exploit

A disgruntled researcher leaked exploit code for BlueHammer, an unpatched Windows zero-day enabling privilege escalation to SYSTEM. With no fix yet available, enterprises face urgent risk as attackers weaponize the public code, and must rely on mitigations and monitoring until Microsoft ships a patch.

Read article
BREAKING · By Xavier Rivera · Microsoft/Cloud · via BleepingComputer · 1 min read

Microsoft Ties Medusa Ransomware to Zero-Day Attacks

Microsoft attributes zero-day and n-day exploits in high-velocity ransomware attacks to Storm-1175, a China-based group deploying Medusa payloads. This escalates threats to enterprises, as financially motivated actors now routinely weaponize fresh vulnerabilities against critical sectors.

Read article
BREAKING · By Xavier Rivera · Microsoft/Cloud · via BleepingComputer · 1.5 min read

CISA Sets Friday Deadline for Fortinet EMS Patch

CISA orders federal agencies to patch a critical, exploited Fortinet EMS vulnerability by Friday. The move highlights escalating threats to enterprise management servers and sets a patching precedent for all sectors.

Read article
By Xavier Rivera · Microsoft/Cloud · via BleepingComputer · 1.5 min read

Drift's $280M Hack: 6-Month In-Person Insider Plot

Drift Protocol links its $280M Solana hack to a six-month operation where attackers built an in-person presence inside the ecosystem. This sophisticated insider-style breach signals rising social engineering risks in DeFi, pushing protocols toward stricter vetting and monitoring.

Read article
BREAKING · By Xavier Rivera · Microsoft/Cloud · via Microsoft Security Blog · 1 min read

Storm-1175 Blitzes Web Vulns with Medusa Ransomware

Microsoft reveals that the Storm-1175 ransomware group rapidly exploits newly disclosed vulnerabilities in web-facing applications to deploy Medusa ransomware and exfiltrate data. These high-velocity tactics shrink the effective patching window to days, forcing organizations to prioritize remediation of internet-exposed assets amid surging ransomware threats.

Read article
BREAKING · By Xavier Rivera · Microsoft/Cloud · via BleepingComputer · 1.5 min read

CISA Sets Friday Patch Deadline for Exploited Fortinet Flaw

CISA has ordered U.S. federal agencies to patch or isolate a critical, exploited Fortinet FortiClient EMS vulnerability by Friday. This mandate highlights escalating risks from unpatched enterprise tools, urging all organizations to prioritize remediation to avert breaches.

Read article