Threat actors could exploit a vulnerability to spoof Microsoft corporate email accounts in phishing attacks against Outlook accounts, which are used by 400 million users around the world, TechCrunch reports.Such a flaw was publicized by security researcher Vsevolod Kokorin, also known as Slonser, in a post on X, formerly Twitter, after his disclosure was dismissed by Microsoft even after he sent a video along with the proof-of-concept exploit for the security issue. "Microsoft just said they couldn't reproduce it without providing any details. Microsoft might have noticed my tweet because a few hours ago they reopen [sic] one of my reports that I had submitted several months ago," said Kokorin. Such a development comes after Microsoft President Brad Smith emphasized the company's commitment to prioritize cybersecurity following the compromise of federal government emails and corporate email accounts by Chinese and Russian state-sponsored threat actors, respectively, due to security failings.
Email security, Phishing
Microsoft corporate email spoofing possible with new bug

Microsoft Outlook icon. (dennizn via Adobe Stock Images)
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



