The Call for Papers is now open for BlueHat Asia in Bengaluru, India, taking place on November 5 - 6, 2025! This is your chance to showcase your thought leadership in vulnerability and mitigation, emerging security threats and techniques, novel research findings, calls-to-action for the security community, and more. ⬇️Submit your paper by September 5 ⬇️ https://aka.ms/bhasia25cfp Here are some suggested topics to inspire your submission (but don’t feel limited by them—we’re excited to see what you bring to the community!): ▸AI, Machine Learning, & Data Science ▸Applied Cryptography ▸Cybersecurity Careers ▸Cybersecurity Policy ▸Data Forensics & Incident Response ▸Detection Techniques at Scale ▸Exploit Development ▸Human Factors ▸IoT/OT & Critical Infrastructure Security ▸Physical Security ▸Quantum Security ▸Red Team/Blue Team Lessons Learned ▸Reverse Engineering ▸Virtualization and Container Security Don’t miss this opportunity to be part of BlueHat Asia. #BlueHatAsia
Microsoft Security Response Center
Computer and Network Security
Protecting customers and Microsoft from current and emerging threats related to security and privacy.
About us
The Microsoft Security Response Center (MSRC) is dedicated to safeguarding customers and Microsoft from security threats. With over two decades of experience, we focus on prevention, rapid defense, and community trust. Together, we’ll continue to protect our users and the broader ecosystem.
- Website
-
https://www.microsoft.com/en-us/msrc
External link for Microsoft Security Response Center
- Industry
- Computer and Network Security
- Company size
- 10,001+ employees
- Specialties
- Cybersecurity, Security response, Incident response, Bug bounty, Security research, and BlueHat
Updates
-
When MSRC and top Microsoft 365 security researchers meet over coffee, the conversation naturally turns to how we can make the Bounty program even better. ☕ We recently hosted a feedback session to hear their thoughts, and we’re grateful for the time and thoughtfulness they brought to the table. Stay tuned for future updates on the M365 Bounty Program. Madeline Eckert Callum Carney Ethan Willoner Jason Shirk Rebecca Pattee Supakiad Satuwan M. Harun Can Dylan Ryan-Zilavy Brad Schlintz Mohamed Abdalah Bashir
-
-
Attention security researchers! 📣 The Microsoft .NET Bounty Program just got a major upgrade, with rewards now up to $40,000 for critical vulnerabilities in .NET and ASP. NET Core (including Blazor & Aspire). Learn more in our blog post: https://msft.it/6042sJqha
-
𝐒𝐚𝐯𝐞 𝐭𝐡𝐞 𝐃𝐚𝐭𝐞: 𝐁𝐥𝐮𝐞𝐇𝐚𝐭 𝐀𝐬𝐢𝐚 We’re bringing BlueHat back to India, this time in Bengaluru on November 5 - 6, 2025. Stay tuned for more details. We hope to see you there! #BlueHatAsia
-
As enterprises adopt large language models (LLMs), a new class of threats has emerged: indirect prompt injection. This attack vector targets systems that process untrusted data with LLMs, tricking them into misinterpreting malicious input as instructions. The risks include data exfiltration, unintended actions, and more. In a new blog, Andrew Paverd, Principal Research Manager, outlines how Microsoft defends against these threats with a defense-in-depth strategy that includes: • Design-time techniques, such as Spotlighting, to reduce the risk of prompt injection • Inference-time detections, such as Microsoft Prompt Shields integrated with Defender for Cloud • Mitigations to deterministically block potential security impacts • Ongoing research into new design patterns and deterministic defenses Learn how Microsoft is securing LLM-based systems against indirect prompt injection: https://msft.it/6043syiff
-
-
Update: Microsoft has released updated analysis of Storm-2603 and Warlock ransomware. Customers should apply the on-premises SharePoint Server security updates immediately and follow the detailed mitigation guidance in our blog: https://msft.it/6040s130q
We updated our blog with expanded analysis and threat intelligence from newly observed activity by Storm-2603 leading to the deployment of Warlock ransomware. Customers should apply the on-premises SharePoint Server security updates immediately and follow the detailed mitigation guidance in the blog. The latest updates include additional TTPs and IOCs, and expanded mitigation, protection, and hunting guidance. https://msft.it/6040s130q
-
Microsoft has released security updates for all supported on-premises SharePoint Server versions. Cloud-hosted SharePoint is not affected. We strongly urge customers to apply these updates immediately to protect against active exploitation. Our latest blog also shares insights into the threat actors we’ve observed targeting these vulnerabilities, along with guidance on detection, protection, and hunting:
Microsoft is sharing details from ongoing investigations of threat actors exploiting vulnerabilities targeting internet-facing on-premises SharePoint servers. As of this writing, Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting these vulnerabilities. In addition, we have observed another China-based threat actor, tracked as Storm-2603, using the exploits. https://msft.it/6044sE1ua Microsoft has released new comprehensive security updates for all supported versions of SharePoint Server (Subscription Edition, 2019, and 2016) that protect customers against these new vulnerabilities. Microsoft assesses that threat actors will continue to integrate the exploits into their attacks against unpatched on-premises SharePoint systems. Customers should apply these updates immediately to ensure they are protected: https://msft.it/6045sE1ux Read our blog to get TTPs, IOCs, and protection, detection, and hunting guidance:
-
Microsoft has released security updates that fully protect customers using all supported versions of SharePoint affected by CVE-2025-53770 and CVE-2025-53771. These vulnerabilities apply to on-premises SharePoint Servers only. Customers should apply these updates immediately to ensure they’re protected. Full guidance and detection details are available in our blog: https://msft.it/6010sDzSE
-
Microsoft has released security updates that fully protect customers using SharePoint Subscription Edition and SharePoint 2019 against the risks posed by CVE-2025-53770, and CVE-2025-53771. These vulnerabilities apply to on-premises SharePoint Servers only. Customers should apply these updates immediately to ensure they’re protected. We are actively working on updates for SharePoint 2016. Full guidance and detection details are available in our blog: https://msft.it/6010sDzSE
-
Microsoft is aware of active attacks targeting on-premises SharePoint Server customers, exploiting a variant of CVE-2025-49706. This vulnerability has been assigned CVE-2025-53770. We have outlined mitigations and detections in our blog. Our team is working urgently to release a security update and will share more details as they become available. Read the full guidance in our blog: https://msft.it/6042s8oCi