This week, Microsoft’s ecosystem carries the highest priority score of any vendor in this rollup (0.942), driven by three distinct attack chains that collectively target credential stores, the browser sandbox, and the Windows application deployment framework. Two of the three require neither a CVE nor a vendor patch. The StealC and Amadey MaaS campaign harvested credentials from browser stores and SSO platforms at scale; the Edgecution campaign exploits Microsoft Edge’s Native Messaging API via Teams-based social engineering to deploy a persistent Python backdoor; and ClickOnce abuse techniques achieve privilege-free persistence inside trusted Microsoft process trees with no patch available.

Author

Tech Jacks Solutions