Microsoft Threat Intelligence
@threatintel.microsoft.com
We are Microsoft's global network of security experts. Follow for security research and threat intelligence. https://aka.ms/threatintelblog
This could put the privacy of user and enterprise communications with chatbots at risk despite encryption via TLS. We worked with multiple cloud providers of language models to mitigate the risk, and ensured that Microsoft-owned language model frameworks are protected.
November 7, 2025 at 7:51 PM
Ultimately, resilience begins with finding and fixing what attackers might exploit tomorrow, before they become today’s problems. Learn more by listening to the latest episode of Inside Microsoft Threat Intelligence: Where research powers resilience.
November 7, 2025 at 4:54 PM
Cross-platform research extends protection beyond Windows—ensuring Defender follows wherever customers go and generalizing detections to prepare for future threats. The scale of impact is multiplied by tools like Security Copilot amplifying researchers’ intuition and accelerating durable defenses.
November 7, 2025 at 4:52 PM
The relentless hunt for vulnerabilities—like the HM Surf exploit—spotlights how research doesn’t just chase attackers, but anticipates them: msft.it/63327tJxqH
November 7, 2025 at 4:52 PM
This threat does not represent a vulnerability or misconfiguration, but a way to misuse the OpenAI Assistants API, which is being deprecated in August 2026. Microsoft and OpenAI continue to collaborate to better understand and disrupt how threat actors attempt to misuse emerging technologies.
November 3, 2025 at 5:27 PM
SesameOp uses the OpenAI Assistants API as a storage or relay mechanism to fetch commands, which the malware then decrypts and executes locally. Once the tasks are completed, it sends the results back to OpenAI as a message. To stay under the radar, the backdoor uses compression and encryption.
November 3, 2025 at 5:27 PM
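The post above describes a backdoor that hides its command channel inside a legitimate, TLS-protected cloud API, so domain reputation alone will not surface it. The discriminating signal for a defender is which process on which host is talking to that API. The following is an added illustrative detection, not Microsoft's or OpenAI's code: it scans constructed egress-proxy log lines (the pipe-separated layout, the host names and the process names are assumptions), keeps only requests to api.openai.com under the Assistants API paths (/v1/assistants and /v1/threads), and flags host/process pairs that are not on a hypothetical allowlist of approved integrations.

```python
"""Flag endpoints reaching the OpenAI Assistants API from unexpected processes.

Added example (not Microsoft's or OpenAI's code). Log lines are constructed;
the field layout ts|host|process|dst_host|path is an assumed generic
egress-proxy format.
"""
from collections import defaultdict
from dataclasses import dataclass

# API host and Assistants API path prefixes (threads/messages are where the
# API stores and relays content). Adjust for the endpoints your org permits.
API_HOST = "api.openai.com"
ASSISTANTS_PREFIXES = ("/v1/assistants", "/v1/threads")

# Hypothetical allowlist of processes approved to use the API in this org.
APPROVED_PROCESSES = {"python.exe", "node.exe"}

# Constructed sample log: one workstation where an unexpected binary talks to
# the Assistants API repeatedly, one developer box with an approved client.
SAMPLE_LOG = """\
2025-11-03T10:00:01Z|ws-017|update_helper.exe|api.openai.com|/v1/threads/thr_a1/messages
2025-11-03T10:05:02Z|ws-017|update_helper.exe|api.openai.com|/v1/threads/thr_a1/messages
2025-11-03T10:10:03Z|ws-017|update_helper.exe|api.openai.com|/v1/assistants
2025-11-03T10:02:10Z|dev-04|python.exe|api.openai.com|/v1/chat/completions
2025-11-03T10:03:10Z|dev-04|python.exe|api.openai.com|/v1/threads/thr_b2/messages
2025-11-03T10:04:00Z|ws-022|chrome.exe|example.com|/
"""


@dataclass(frozen=True)
class Finding:
    host: str
    process: str
    requests: int
    reason: str


def parse_line(line):
    """Split one assumed-format proxy line into a record, or None if malformed."""
    parts = line.strip().split("|")
    if len(parts) != 5:
        return None
    ts, host, proc, dst, path = parts
    return {"ts": ts, "host": host, "process": proc.lower(),
            "dst": dst.lower(), "path": path}


def find_suspicious(lines):
    """Return Findings for host/process pairs using the Assistants API
    without being on the approved-process allowlist."""
    counts = defaultdict(int)
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["dst"] != API_HOST:
            continue
        if not rec["path"].startswith(ASSISTANTS_PREFIXES):
            continue  # other API surfaces are out of scope for this rule
        counts[(rec["host"], rec["process"])] += 1

    findings = []
    for (host, proc), n in sorted(counts.items()):
        if proc not in APPROVED_PROCESSES:
            findings.append(Finding(host, proc, n,
                                    "unapproved process using Assistants API"))
    return findings


if __name__ == "__main__":
    for f in find_suspicious(SAMPLE_LOG.splitlines()):
        print(f"{f.host} {f.process} requests={f.requests}: {f.reason}")
```

Because the traffic is to a well-known service over TLS, the rule deliberately ignores destination reputation and keys on process identity plus API path; in a real deployment the allowlist would come from an inventory of sanctioned integrations, and the same logic can be expressed as a proxy or EDR hunting query over the equivalent fields.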
The impact is often invisible—customers benefit from faster detections and reduced exposure, even as attackers experiment with AI. Microsoft’s Defender Experts push threat intel from reactive response to proactive resilience. Hear more on the latest episode of Inside Microsoft Threat Intelligence.
October 27, 2025 at 5:04 PM
Attackers may try to cover their tracks by deleting files and clearing logs, but as Senior Security Researcher Thomas Ball of our Defender Experts for XDR team puts it, “they’re leaving a footprint, so we can go back and use that as part of our hunting.”
October 27, 2025 at 5:04 PM
Their leads come from diverse sources, while AI helps sift through vast telemetry and accelerate investigations. A hunt starts with a hypothesis, followed by deep exploration of patterns, mapping adversary actions, and validating findings to become robust detections that protect customers at scale.
October 27, 2025 at 5:04 PM
October 24, 2025 update – Our continuous monitoring and analysis of this activity has determined that targets are likely redirected to the fake Teams setup files via malicious search engine ads, not SEO poisoning.
October 24, 2025 at 5:51 PM
Ann shares her thoughts on the evolved CISO mandate, proven strategies for operationalizing security resilience, and steps to strengthen resilience and response in organizations.
October 22, 2025 at 10:39 PM
In her latest blog post, Ann Johnson explores the challenges and opportunities for CISOs in responding to the accelerating threat landscape highlighted in the Microsoft Digital Defense Report 2025.
October 22, 2025 at 10:38 PM
These insights and more are unpacked by Crane Hassold and Chloé Messdaghi on the latest episode of the Microsoft Threat Intelligence Podcast, hosted by Sherrod DeGrippo. Learn more from the Microsoft Digital Defense Report 2025: msft.it/63324sCIlj
October 22, 2025 at 5:02 PM
Nonetheless, phishing-resistant MFA stands out as a simple but powerful defense. Financially motivated attacks make up the majority of incidents, and nation-state threats are targeting IT, research and academia, and government sectors, often using AI for influence ops.
October 22, 2025 at 5:02 PM
Threat actors are leveraging GenAI and LLMs to craft convincing phishing and social engineering campaigns, making detection more challenging. Credential-based attacks remain the primary route for initial access, with password sprays and brute force attacks dominating identity compromises.
October 22, 2025 at 5:01 PM
By mapping these techniques to the MITRE ATT&CK framework, we provide defenders with a comprehensive view of the operational risks facing orgs that rely on Azure Blob Storage. Get Azure Security controls, security recommendations, and threat detections in this Microsoft Threat Intelligence blog.
October 20, 2025 at 4:09 PM