Microsoft Marketplace

An abandoned Outlook add-in listed in Microsoft’s store was hijacked to host phishing pages that stole credentials from about 4,000 users, a technical analysis found. Users should remove the add-in and reset passwords.