Microsoft
Microsoft responds to security challenges facing code, AI agents, and models
Microsoft has introduced a series of security tools and capabilities focused on AI-driven vulnerability discovery, AI agents, and AI models. The updates include a multi-agent …
Microsoft Scout agent opens a new category of always-on Autopilots
Workplace AI assistants have mostly waited for a prompt before doing anything. A user asks, the tool answers, and the exchange ends there. Microsoft is putting a different …
Microsoft Entra pushes passkeys, tightens identity security
Microsoft has released multiple identity and network access capabilities for Entra, its family of identity and network access products that help organizations implement a zero …
Microsoft Defender Vulnerability Management gets a smarter exposure score
Microsoft Defender Vulnerability Management’s updated exposure score model adds vulnerability risk signals and asset context to help teams understand where risk is …
Microsoft 365 Copilot redesign brings context and actions into one workspace
Microsoft 365 Copilot, an AI assistant that helps people write, summarize, analyze information, and complete work tasks, has been redesigned. It now serves as a single, …
Microsoft’s Copilot trust test: Zero findings, more models, wider oversight
Microsoft 365 Copilot and Copilot Chat (Copilot) have been recertified under ISO/IEC 42001:2023 by an independent auditor for the second consecutive year. Copilot first …
Microsoft’s new cloud PCs place AI agents under enterprise controls
Microsoft’s Windows 365 for Agents, a cloud PC platform for agentic workloads, runs AI agents in secure environments. Organizations can direct agents with natural language to …
AI chatbot recommendations lure users to cryptojacking malware sites
Cybercriminals are using AI chatbot interactions alongside poisoned search results to direct users to malicious download sites in an active cryptojacking campaign, Microsoft …
High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659)
Microsoft has released patches for a high-severity remote code execution vulnerability (CVE-2026-45659) in SharePoint that may be exploited in low-complexity attacks. It …
Microsoft 365 users targeted by new phishing threat that bypasses MFA
Microsoft 365 access tokens are being targeted by an emerging Phishing-as-a-Service (PhaaS) platform called Kali365, the FBI is warning. First observed in April 2026, Kali365 …
Microsoft open-sources tools for designing and testing AI agents
Microsoft has open-sourced two tools aimed at bringing security discipline to AI agent development: Clarity, a structured design review tool, and RAMPART, a continuous testing …
Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)
Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them to its Known …
Featured news
Resources
Don't miss
- Autonomous AI-driven worm can reason its way through corporate networks
- Only 11% of production agents pass the AI agent security bar
- A small Slovenian team handles 6,000 cyber incidents a year
- Agent Threat Rules: Open detection rule format for AI agent security threats
- Google fixes actively exploited Android vulnerability (CVE-2025-48595)