Skip to content
The Nexus
DossierENTITY

Microsoft Graph API

Coverage of Microsoft Graph API in the Nexus archive.

Earliest in view: Apr 22 · 10:00 UTCMost recent: May 20 · 12:51 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 20 · 12:51 UTCTHE HACKER NEWS
    Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

    Webworm, a China-aligned threat actor, has deployed custom backdoors using Discord and Microsoft Graph API for command-and-control communications, targeting government agencies since at least 2022. The group was first publicly documented by Symantec in September 2022. Webworm's activity has been flagged by cybersecurity researchers in 2025.

  • SECURITYApr 22 · 15:28 UTCTHE HACKER NEWS
    Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API

    The threat actor Harvester has deployed a Linux version of its GoGra backdoor in South Asia, utilizing the Microsoft Graph API and Outlook mailboxes as a covert command-and-control channel to bypass network defenses. Symantec and Carbon Black Threat Hunter attribute the attacks to this group.

  • TECHNOLOGYApr 22 · 10:15 UTCBLEEPING COMPUTER
    Microsoft traces Universal Print issues to Graph API code change

    Microsoft has identified a Microsoft Graph API code change as the cause of ongoing Universal Print sharing issues, which are preventing users from creating certain printer shares.

  • SECURITYApr 22 · 10:00 UTCBLEEPING COMPUTER
    New GoGra malware for Linux uses Microsoft Graph API for comms

    A Linux variant of the GoGra backdoor uses the Microsoft Graph API and an Outlook inbox for stealthy communication and payload delivery, leveraging Microsoft's legitimate infrastructure to evade detection.

Microsoft Graph API · Dossier · The Nexus