microsoft.com
Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-05-13.
| Date Added | Resource | Topic | Excerpt |
|---|---|---|---|
| 2026-05-13 | Defense at AI speed: Microsoft's new multi-model agentic security system tops leading industry benchmark | RCE | Describes MDASH, Microsoft's agentic AI-driven vulnerability discovery system, which orchestrates over 100 specialized agents and an ensemble of frontier and distilled models to find and prove exploitable bugs. The system achieved top scores on industry benchmarks and identified 16 new vulnerabilities in Windows networking and authentication, four of them Critical remote code execution flaws in components such as the TCP/IP stack and the IKEv2 service. MDASH's end-to-end pipeline runs preparation, scanning, validation, deduplication, and proof stages, a step toward production-grade, enterprise-scale AI vulnerability defense. |
| 2026-05-07 | When prompts become shells: RCE vulnerabilities in AI agent frameworks | RCE | Security analysis of AI agent frameworks, detailing the RCE vulnerabilities CVE-2026-25592 and CVE-2026-26030 discovered in Semantic Kernel. The research shows how prompt injection can reach host-level code execution through unsafe string interpolation and blocklist bypasses in plugins such as the In-Memory Vector Store, letting an attacker turn Semantic Kernel's tool execution capabilities against the host. |
| 2026-05-02 | CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments | AuthZ | Analysis of CVE-2026-31431, nicknamed "Copy Fail," a high-severity Linux kernel vulnerability affecting Red Hat, Ubuntu, SUSE, and AWS Linux. The logic flaw in the AF_ALG module lets a local unprivileged user gain root by corrupting the kernel page cache, which puts cloud workloads and Kubernetes clusters at risk. The exploit, a small script combining the splice() system call with AF_ALG, enables container breakout and lateral movement, a significant risk in multi-tenant environments. Microsoft Defender provides detection insights, mitigation recommendations, and hunting guidance. |
| 2026-04-11 | Shai-Hulud 2.0: Detection and Defense Guidance | Supply Chain | Detection and defense guidance for the Shai-Hulud 2.0 supply chain attack, which compromised numerous npm packages via preinstall scripts and stole credentials using tools such as TruffleHog. It details the attack's propagation paths and its use of fake personas such as "Linus Torvalds," and offers mitigations including credential rotation, CI/CD isolation, and Microsoft Defender's code scanning, posture management, and runtime anomaly detection. |
| 2026-04-11 | Intent redirection vulnerability in third-party SDK exposed millions of Android wallets | Mobile | Writeup of an intent redirection vulnerability in EngageSDK, a third-party Android library used by millions of applications, including crypto wallets. The flaw let a malicious app bypass Android's application sandbox and read sensitive user data, including PII and financial information. Because the SDK's `MTCommonActivity` component was exported, an attacker could craft intents that the vulnerable SDK processed on the victim app's behalf, leading to unauthorized access, data exposure, and privilege escalation. Google removed affected apps from the Play Store and shipped platform-level mitigations; developers are urged to update to EngageSDK version 5.2.1. |
| 2026-04-11 | How Microsoft Defends Against Indirect Prompt Injection Attacks | AI | Overview of Microsoft's multi-layered defense against indirect prompt injection in LLM-based systems: preventative techniques such as hardened system prompts and Spotlighting, detection through Microsoft Prompt Shields integrated with Defender for Cloud, and impact mitigation through data governance, user consent workflows, and deterministic blocking. It covers data exfiltration via HTML images, clickable links, tool calls, and covert channels, as well as unintended actions and phishing. |
| 2026-04-10 | Defending Against React2Shell in React Server Components | RCE | Reference on CVE-2025-55182 (React2Shell), a critical pre-authentication RCE vulnerability in React Server Components that affects frameworks such as Next.js. The flaw, rooted in insecure payload validation and prototype pollution, lets an attacker execute arbitrary code with a single HTTP request. Observed exploitation targets both Windows and Linux hosts, deploying coin miners and RATs and attempting to steal cloud credentials with tools such as TruffleHog and Gitleaks. Mitigation: patch immediately to fixed React and Next.js versions, prioritize internet-facing assets, and consider WAF protections as a stopgap. |
| 2026-04-10 | Weaponizing Cross Site Scripting: When One Bug Isn't Enough | XSS | Technique guide on weaponizing Cross-Site Scripting (XSS) by chaining it with other weaknesses: open redirects, CSRF, a weak CSP, insecure JSON logging that leads to account takeover, file upload flaws that reach RCE, abuse of administrative functions, and improper `postMessage` usage that leaks tokens. Its point is that XSS rarely exists in isolation; attackers combine several weaknesses to escalate impact, which is why layered defenses matter. |
| 2026-04-08 | Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations | RCE | Details Storm-1175's high-tempo Medusa ransomware operations, which exploit N-days such as CVE-2023-21529 (Microsoft Exchange), CVE-2023-27351 (PaperCut), and CVE-2024-21887 (Ivanti) alongside zero-days. The actor rapidly chains exploits, establishes persistence by creating new user accounts, and uses PsExec, RMM tools (Atera, N-able), PDQ Deployer, and Impacket for lateral movement and credential theft before deploying ransomware. |
| 2026-04-04 | Detecting and analyzing prompt abuse in AI tools | AI | Playbook for detecting, investigating, and responding to AI prompt abuse. It covers direct prompt overrides, extractive prompt abuse against sensitive inputs, and indirect prompt injection, including the HashJack technique that targets AI summarization tools via URL fragments. The guide uses Microsoft Defender for Cloud Apps, Purview DLP, Microsoft Entra ID Conditional Access, and Microsoft Sentinel to monitor AI interactions and protect against manipulation. |
| 2026-04-03 | Mitigating the Axios npm supply chain compromise | Supply Chain | Analysis of the Axios npm supply chain compromise, in which the North Korean state actor Sapphire Sleet injected a malicious dependency into Axios versions 1.14.1 and 0.30.4. The compromised versions pulled in a fake runtime dependency, `plain-crypto-js@4.2.1`, whose install-time code ran silently and contacted a Sapphire Sleet-controlled C2 server at `hxxp://sfrclak[.]com:8000/6202033` to download platform-specific remote access trojan (RAT) payloads for Windows, macOS, and Linux. The case shows how poisoning a widely adopted library gives an actor broad downstream impact. |