![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIDg8lojzPtwdlGMVDGsAAgG7SV5mI7yKTN_MjG5poSTbxzxv_INBgGpgzQXP_B35ZH-OUAPZlpbabEWeys_7jgj0MwVpPpRlVzZCY8QiSN9eN87vtinAnHKWxzN25aF0sXu0RogIFC5Aqep5Zn2rSA1a5thzOcMtfGE2eb3nxHtDOeUxWKiGK06cV1y1C/s1600/malware.png)
Threat actors have been increasingly weaponizing Microsoft Graph API for malicious purposes with the aim of evading detection.
This is done to “facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services,” the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News.
Source:: The Hackers News