Skip to content
The Nexus
DossierENTITY

Microsoft Graph API

Coverage of Microsoft Graph API in the Nexus archive.

Earliest in view: Apr 22 · 10:00 UTCMost recent: May 20 · 12:51 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 20 · 12:51 UTCTHE HACKER NEWS
    Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

    Webworm, a China-aligned threat actor, has deployed custom backdoors using Discord and Microsoft Graph API for command-and-control communications, targeting government agencies since at least 2022. The group was first publicly documented by Symantec in September 2022. Webworm's activity has been flagged by cybersecurity researchers in 2025.

  • SECURITYApr 22 · 15:28 UTCTHE HACKER NEWS
    Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API

    The threat actor Harvester has deployed a Linux version of its GoGra backdoor in South Asia, utilizing the Microsoft Graph API and Outlook mailboxes as a covert command-and-control channel to bypass network defenses. Symantec and Carbon Black Threat Hunter attribute the attacks to this group.

  • TECHNOLOGYApr 22 · 10:15 UTCBLEEPING COMPUTER
    Microsoft traces Universal Print issues to Graph API code change

    Microsoft has identified a Microsoft Graph API code change as the cause of ongoing Universal Print sharing issues, which are preventing users from creating certain printer shares.

  • SECURITYApr 22 · 10:00 UTCBLEEPING COMPUTER
    New GoGra malware for Linux uses Microsoft Graph API for comms

    A Linux variant of the GoGra backdoor uses the Microsoft Graph API and an Outlook inbox for stealthy communication and payload delivery, leveraging Microsoft's legitimate infrastructure to evade detection.