Live Feed
Independent coverage of the latest Microsoft announcements across all products. Every article is written and published on our site.
Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook
Threat actors are abusing external Microsoft Teams collaboration to impersonate IT helpdesk staff and convince users to grant remote access. Once inside, attackers can abuse legitimate tools and standard admin protocols to move laterally and exfiltrate data while appearing as routine IT support—activity Microsoft Defender helps detect across Teams, endpoint, and identity telemetry. The post Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook appeared first on Microsoft Security Blog.
Announcing Windows 11 Insider Preview Build 28020.1863 (Canary Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 28020.1863 to the Canary Channel. (KB 5083725) What’s new in Canary Build 28020.1863 Changes and Improvements g The post Announcing Windows 11 Insider Preview Build 28020.1863 (Canary Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build for Canary Channel 29570.1000
Hello Windows Insiders, today we’re releasing Windows Insider Preview Build 29570.1000 to the Windows 11 Insider Canary Channel on the optional 29500 build series. What’s new in Canary Build 29570.1000 Change The post Announcing Windows 11 Insider Preview Build for Canary Channel 29570.1000 appeared first on Windows Blog.
Releasing Windows 11 Builds 26100.8313 and 26200.8313 to the Release Preview Channel
Hello Windows Insiders, today we’re releasing Windows 11 Builds 26100.8313 and 26200.8313 (KB5083631) to Insiders in the Release Preview Channel on Windows 11, versions 24H2 (Build 26100) and 25H2 (Build 26200). This update is available The post Releasing Windows 11 Builds 26100.8313 and 26200.8313 to the Release Preview Channel appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26220.8271 (Beta Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26220.8271 (KB 5083728) to the Beta Channel. Changes in Beta Channel builds and updates are documented in two buckets: new features, and improvements (i The post Announcing Windows 11 Insider Preview Build 26220.8271 (Beta Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26300.8276 (Dev Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26300.8276 (KB 5083726) to the Dev Channel. Changes in Dev Channel builds and updates are documented in two buckets: new features, and improvements (inc The post Announcing Windows 11 Insider Preview Build 26300.8276 (Dev Channel) appeared first on Windows Blog.
Containing a domain compromise: How predictive shielding shut down lateral movement
Domain compromise accelerates fast. Predictive shielding slowed it down. This real-world attack shows how exposure-based containment stopped credential abuse and broke the threat actor's momentum. The post Containing a domain compromise: How predictive shielding shut down lateral movement appeared first on Microsoft Security Blog.
Xbox gives PC gaming fans a first look at Metro 2039
Fans of the Metro series from 4A Games can check out a recap of a recent broadcast from Xbox First Look on the latest title in that storyline: Metro 2039, due to be released this winter. “Like the previous games in the series, it will be a story-d The post Xbox gives PC gaming fans a first look at Metro 2039 appeared first on Windows Blog.
Building your cryptographic inventory: A customer strategy for cryptographic posture management
Learn how to build a comprehensive cryptographic inventory and strengthen quantum‑safe readiness using Microsoft Security tools, best‑practice lifecycle models, and partner solutions. The post Building your cryptographic inventory: A customer strategy for cryptographic posture management appeared first on Microsoft Security Blog.
Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise
The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North Korean threat actor Sapphire Sleet that abuses user driven execution and social engineering to bypass macOS security protections and steal credentials, cryptocurrency assets, and sensitive data. The post Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise appeared first on Microsoft Security Blog.
Give your AI agent the keys to OneLake: OneLake MCP (Generally Available)
Have you ever tried to understand what’s stored in your Fabric items? Would you even know where to begin? I had 92,000 UK property transactions sitting in an open mirrored database. Rather than spending hours sorting through documentation, I just asked my AI agent: “Document what’s in the House Price Open Mirror in my UK … Continue reading “Give your AI agent the keys to OneLake: OneLake MCP (Generally Available)”
Answers to common questions about Fabric Data Factory
As the Data Integration Customer Advisory Team (CAT) lead, I spent a lot of time talking to customers at the recent FabCon/SQLCon about Fabric Data Factory, and I came away with a clear picture of what’s on customers’ minds when it comes to the future of data integration. Many of the same questions came up … Continue reading “Answers to common questions about Fabric Data Factory”
Introducing the ultimate college bundle: built for student life
College life is full in every sense of the word. Full schedules, full inboxes, full expectations. The pressure to keep up, stay productive and always be “on” is real. Windows is making it even easier to get ready for everything college brings – The post Introducing the ultimate college bundle: built for student life appeared first on Windows Blog.
Incident response for AI: Same fire, different fuel
AI changes how incidents unfold and how we respond. Learn which IR practices still apply and where new telemetry, tools, and skills are needed. The post Incident response for AI: Same fire, different fuel appeared first on Microsoft Security Blog.
Cloud Cost Optimization: Principles that still matter
Discover how cloud cost optimization adapts in the age of AI, with best practices for managing spend, improving efficiency, and maximizing value. The post Cloud Cost Optimization: Principles that still matter appeared first on Microsoft Azure Blog.
Optimize object storage costs automatically with smart tier—now generally available
By continuously optimizing data placement, smart tier ensures your storage costs are aligned with actual usage. The post Optimize object storage costs automatically with smart tier—now generally available appeared first on Microsoft Azure Blog.
One platform, many insights: How Eventhouse brings analytics together (Preview)
Modern analytics isn’t just about storing data. It’s about detecting issues early, understanding them fast, and acting with confidence. Eventhouse in Microsoft Fabric brings advanced analytics capabilities together so teams can move from raw events to insight and action without stitching tools or duplicating data. With native integrations for Anomaly Detection, Data Agents, SQL Endpoints, … Continue reading “One platform, many insights: How Eventhouse brings analytics together (Preview)”
Capacity Scheduler: Smarter capacity control for Eventhouse (Preview)
Modern, real-time analytics workloads are rarely flat. In Eventhouse, some of the customers consistently told us that their usage follows clear, predictable patterns: heavy ingestion during business hours, lighter query traffic overnight, quiet weekends, and short but critical pipeline windows. Previously, customers had to choose a single minimum capacity value for the entire week, paying … Continue reading “Capacity Scheduler: Smarter capacity control for Eventhouse (Preview)”
Unifying “Analyze data with” analytics across Fabric (Preview)
As Microsoft Fabric continues to converge analytics experiences across workloads, one of the most important steps forward is reducing friction in how users move from raw data to insights. With the latest integrations, the Eventhouse Endpoint is now deeply embedded into the “Analyze data with” entry points across Lakehouse, Data Warehouse, and Eventhouse, bringing a … Continue reading “Unifying “Analyze data with” analytics across Fabric (Preview)”
Bring your everyday business apps into the flow of work with agents in Microsoft 365 Copilot
Microsoft 365 Copilot can now bring your go-to apps directly into the conversation, which closes the gap between AI-powered insight and real, in-app action. The post Bring your everyday business apps into the flow of work with agents in Microsoft 365 Copilot appeared first on Microsoft 365 Blog.
ALTER TABLE inside explicit transactions in Fabric Data Warehouse (Generally Available)
Schema evolution is a fact of life for modern analytics platforms. As data models grow, teams need to add columns, drop unused fields, and evolve constraints—often as part of tightly controlled deployment pipelines. Fabric DW supported transactional execution for key table‑focused DDLs like CREATE TABLE, DROP TABLE, TRUNCATE TABLE, CTAS and sp_rename—with this release, ALTER … Continue reading “ALTER TABLE inside explicit transactions in Fabric Data Warehouse (Generally Available)”
Bring your local files to OneLake with OneLake file explorer (Generally Available)
Adopted by thousands of active users, OneLake File Explorer enables developers, data scientists, and business users to move data from local files into OneLake quickly—without changing how they work. From local files to cloud analytics—without breaking your flow Imagine this scenario: You’re a data engineer working with files on your local machine—CSV extracts, Excel files … Continue reading “Bring your local files to OneLake with OneLake file explorer (Generally Available)”
Announcing Full Collation Support for SQL Databases in Microsoft Fabric (Preview)
We heard from you and are introducing a major update for SQL database in Microsoft Fabric. Now, you can use all Azure SQL database collations when creating databases. This enhancement gives SQL database in Fabric users greater flexibility and compatibility for global data scenarios, reporting, and app development—no matter your language or regional requirements. What … Continue reading “Announcing Full Collation Support for SQL Databases in Microsoft Fabric (Preview)”
Announcing Windows 11 Insider Preview Build 28020.1812 (Canary Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 28020.1812 to the Canary Channel. (KB 5083824) What’s new in Canary Build 28020.1812 Changes and Improvements g The post Announcing Windows 11 Insider Preview Build 28020.1812 (Canary Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build for Canary Channel 29565.1000
Hello Windows Insiders, today we’re releasing Windows Insider Preview Build 29565.1000 to the Windows 11 Insider Canary Channel on the optional 29500 build series. What’s new in Canary Build 29565.1000 Change The post Announcing Windows 11 Insider Preview Build for Canary Channel 29565.1000 appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26300.8170 (Dev Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26300.8170 (KB 5083632) to the Dev Channel. Changes in Dev Channel builds and updates are documented in two buckets: new features, and improvements (inc The post Announcing Windows 11 Insider Preview Build 26300.8170 (Dev Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26220.8165 (Beta Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26220.8165 (KB 5083635) to the Beta Channel. Changes in Beta Channel builds and updates are documented in two buckets: new features, and improvements (i The post Announcing Windows 11 Insider Preview Build 26220.8165 (Beta Channel) appeared first on Windows Blog.
Improving your Windows Insider experience
Hello Windows Insiders, Last month, Pavan shared our commitment to improving Windows quality, with a focus on performance, reliability and craft, i The post Improving your Windows Insider experience appeared first on Windows Blog.
Kiln Open Beta Throwdown is underway on Steam, sign up through April 11
Double Fine’s pottery brawler, Ki The post Kiln Open Beta Throwdown is underway on Steam, sign up through April 11 appeared first on Windows Blog.
The agentic SOC—Rethinking SecOps for the next decade
In the SOC of the future, autonomous defense moves at machine speed, agents add context and coordination, and humans focus on judgment, risk, and outcomes. The post The agentic SOC—Rethinking SecOps for the next decade appeared first on Microsoft Security Blog.
Microsoft named a Leader in The Forrester Wave™ for Sovereign Cloud Platforms
Microsoft is named a Leader in The Forrester Wave™ for Sovereign Cloud Platforms, recognizing Microsoft Sovereign Cloud leadership in evolving sovereignty needs. The post Microsoft named a Leader in The Forrester Wave™ for Sovereign Cloud Platforms appeared first on Microsoft Azure Blog.
How Drasi used GitHub Copilot to find documentation bugs
How Microsoft uses AI agents and Drasi to keep open‑source documentation accurate and working. The post How Drasi used GitHub Copilot to find documentation bugs appeared first on Microsoft Azure Blog.
Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees
Microsoft Incident Response – Detection and Response Team (DART) researchers observed an emerging, financially motivated threat actor, tracked as Storm-2755, compromising Canadian employee accounts to gain unauthorized access to employee profiles and divert salary payments to attacker-controlled accounts. The post Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees appeared first on Microsoft Security Blog.
Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk
A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of apps. Microsoft researchers detail how the flaw works, why it matters, and how developers can mitigate similar risks by updating affected SDKs. The post Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk appeared first on Microsoft Security Blog.
What’s new in Fabric Eventstream: 2026 Q1 Edition
Coauthor: Arindam Chatterjee Over the first quarter of 2026, Fabric Eventstreams shipped meaningful improvements across three themes that have repeatedly come up in feedback from our broad community of customers and partners: broader connectivity, richer real-time processing, and secure enterprise‑ready networking and operations. This post highlights some of the most impactful new Eventstreams-related features and … Continue reading “What’s new in Fabric Eventstream: 2026 Q1 Edition”
Associated identities for items (Preview)
Background Currently, many items rely on the item’s owner identity for accessing connections and certain features (like delegated mode in SQL endpoint) specific to the item. If the owner leaves the organization or their credentials expire, items can become partially or fully non-functional. We’ve heard from many of you that the current remediation path (like … Continue reading “Associated identities for items (Preview)”
You’re invited. Windows Insiders meetups are back
Hi Insiders, It’s Marcus. I lead Design and Research across Windows & Devices, everything from Windows and Windows Cloud to user experience research, and the industrial design behind Surface and Xbox. What I love most about this role is the e The post You’re invited. Windows Insiders meetups are back appeared first on Windows Blog.
Forza Horizon 6: Most explorable adventure yet
If you’ve ever wanted to visit Japan, you will be able do so virtually through Forza Horizon 6, where you’re a festival tourist. If you love travel and driving, this game may be a good way to combine both. You’ll get a feel for how vehicles h The post Forza Horizon 6: Most explorable adventure yet appeared first on Windows Blog.
Cloud Cost Optimization: How to maximize ROI from AI, manage costs, and unlock real business value
Get practical strategies and best practices to help you plan, design, and manage AI investments for sustainable value and efficiency. The post Cloud Cost Optimization: How to maximize ROI from AI, manage costs, and unlock real business value appeared first on Microsoft Azure Blog.
MCP Apps now available in Copilot chat
Agents bring rich, app powered UI experiences directly into Microsoft 365 Copilot chat, via MCP Apps or the OpenAI Apps SDK. Read about what customers and partners are building. The post MCP Apps now available in Copilot chat appeared first on Microsoft 365 Developer Blog.
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks
Executive summary Forest Blizzard, a threat actor linked to the Russian military, has been compromising insecure home and small-office internet equipment like routers, then modifying their settings in ways that turn them into part of the actor’s malicious infrastructure. The post SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks appeared first on Microsoft Security Blog.
Agent Academy Spring Drop: Special Ops, Cowork Collective, and a Whole New Look
We’ve shipped a big round of updates to Agent Academy. Two new sections, a completely redone site experience, and more missions on the way. Here’s what’s changed. Quick recap for anyone new Agent Academy is a free, open-source curriculum for learning how to build agents with Microsoft Copilot Studio. Since launching in August 2025, it […] The post Agent Academy Spring Drop: Special Ops, Cowork Collective, and a Whole New Look appeared first on Power Platform Developer Blog.
Inside an AI‑enabled device code phishing campaign
A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation. This campaign goes beyond traditional phishing by generating live authentication codes on demand, enabling higher success rates and sustained post‑compromise access. The post Inside an AI‑enabled device code phishing campaign appeared first on Microsoft Security Blog.
Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations
The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize recently disclosed vulnerabilities to obtain initial access, exfiltrate data, and deploy Medusa ransomware. The post Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations appeared first on Microsoft Security Blog.
Announcing Windows 11 Insider Preview Build 28020.1803 (Canary Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 28020.1803 to the Canary Channel. (KB 5083824) What’s new in Canary Build 28020.1803 Changes and Improvements g The post Announcing Windows 11 Insider Preview Build 28020.1803 (Canary Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build for Canary Channel 29560.1000
Hello Windows Insiders, today we’re releasing Windows Insider Preview Build 29560.1000 to the Windows 11 Insider Canary Channel on the optional 29500 build series. What’s new in Canary Build 29560.1000 Change The post Announcing Windows 11 Insider Preview Build for Canary Channel 29560.1000 appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26300.8155 (Dev Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26300.8155 (KB 5083822) to the Dev Channel. Changes in Dev Channel builds and updates are documented in two buckets: new features, and improvements (inc The post Announcing Windows 11 Insider Preview Build 26300.8155 (Dev Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26220.8148 (Beta Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26220.8148 (KB 5083825) to the Beta Channel. Changes in Beta Channel builds and updates are documented in two buckets: new features, and improvements (i The post Announcing Windows 11 Insider Preview Build 26220.8148 (Beta Channel) appeared first on Windows Blog.
Part 3 – Babylon.js 9.0: OpenPBR and additional engine updates
Babylon.js 9.0 introduces several enhancements to help developers build beautiful, high-performance 3D experiences. OpenPBR Support - Alpha Babylon.js 9.0 begins implementation of The post Part 3 – Babylon.js 9.0: OpenPBR and additional engine updates appeared first on Windows Blog.
Threat actor abuse of AI accelerates from tool to cyberattack surface
Generative AI is upgrading cyberattacks, from 450% higher phishing click‑through rates to industrialized MFA bypass. The post Threat actor abuse of AI accelerates from tool to cyberattack surface appeared first on Microsoft Security Blog.
Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments
Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examines how this tradecraft conceals execution behind specially crafted HTTP cookies. The post Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments appeared first on Microsoft Security Blog.
New and improved: Multi-agent orchestration, connected experiences, and faster prompt iteration
Learn what’s new in Copilot Studio: Multi-agent systems are now generally available, plus recent updates to the Prompt Editor and governance controls. The post New and improved: Multi-agent orchestration, connected experiences, and faster prompt iteration appeared first on Microsoft 365 Blog.
Mitigating the Axios npm supply chain compromise
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages for version updates to download from command and control (C2) that Microsoft Threat Intelligence has attributed to the North Korean state actor Sapphire Sleet. Although the malicious versions are no longer available for download, since Axios is one of the most widely used HTTP clients in the JavaScript ecosystem, this compromise exposed hundreds to potentially millions of users. The post Mitigating the Axios npm supply chain compromise appeared first on Microsoft Security Blog.
Azure IaaS: Keep critical applications running with built-in resiliency at scale
Azure IaaS provides foundational capabilities across compute, storage, and networking to help organizations stay resilient. The post Azure IaaS: Keep critical applications running with built-in resiliency at scale appeared first on Microsoft Azure Blog.
Dataverse Skills: Your Coding Agent Now Speaks Dataverse
Building enterprise solutions is shifting from writing code to directing AI agents. Instead of stitching together APIs, CLIs, and scripts, developers are increasingly describing intent and letting agents execute. For enterprise platforms like Dataverse, this creates a new requirement: they must be operable by agents, not just by humans. Today we’re releasing Dataverse Skills — […] The post Dataverse Skills: Your Coding Agent Now Speaks Dataverse appeared first on Power Platform Developer Blog.
The threat to critical infrastructure has changed. Has your readiness?
Five facts critical infrastructure (CI) leaders need to act on in 2026, grounded in what Microsoft Threat Intelligence is observing across sectors right now. The post The threat to critical infrastructure has changed. Has your readiness? appeared first on Microsoft Security Blog.
Applying security fundamentals to AI: Practical advice for CISOs
Read actionable advice for CISOs on securing AI, managing risk, and applying core security principles in today’s AI‑powered environment. The post Applying security fundamentals to AI: Practical advice for CISOs appeared first on Microsoft Security Blog.
Building sovereign AI at the edge: Microsoft and Armada collaborate to deliver Azure Local on Galleon modular datacenters
Explore how Microsoft and Armada bring sovereign AI to the edge with Azure Local, enabling secure, resilient workloads in disconnected and regulated environments. The post Building sovereign AI at the edge: Microsoft and Armada collaborate to deliver Azure Local on Galleon modular datacenters appeared first on Microsoft Azure Blog.
WhatsApp malware campaign delivers VBScript and MSI backdoors
A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack leverages renamed Windows tools and cloud-hosted payloads to install MSI backdoors and maintain persistent access to compromised systems. The post WhatsApp malware campaign delivers VBScript and MSI backdoors appeared first on Microsoft Security Blog.
Navigating digital sovereignty at the frontier of transformation
Digital sovereignty has become a practical leadership discipline grounded in risk management, continuity planning, and long-term accountability. The post Navigating digital sovereignty at the frontier of transformation appeared first on Microsoft Azure Blog.
Announcing Windows 11 Insider Preview Build for Canary Channel 29558.1000
Hello Windows Insiders, today we’re releasing Windows Insider Preview Build 29558.1000 to the Windows 11 Insider Canary Channel on the optional 29500 build series. What’s new in Canary Build 29558.1000 Change The post Announcing Windows 11 Insider Preview Build for Canary Channel 29558.1000 appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 28020.1797 (Canary Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 28020.1797 to the Canary Channel. (KB 5079490) What’s new in Canary Build 28020.1797 Changes and Improvements g The post Announcing Windows 11 Insider Preview Build 28020.1797 (Canary Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26300.8142 (Dev Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26300.8142 (KB 5079492 The post Announcing Windows 11 Insider Preview Build 26300.8142 (Dev Channel) appeared first on Windows Blog.
Part 2 – Babylon.js 9.0: Tooling updates and new geospatial features
Our mission is to create one of the most powerful, beautiful and accessible web rendering engines in the world. With Babylon.js 9.0, we’re delivering a major set of enhancements to help you build stunning experiences. Babylon.js Editor The post Part 2 – Babylon.js 9.0: Tooling updates and new geospatial features appeared first on Windows Blog.
Addressing the OWASP Top 10 Risks in Agentic AI with Microsoft Copilot Studio
Agentic AI introduces new security risks. Learn how the OWASP Top 10 Risks for Agentic Applications maps to real mitigations in Microsoft Copilot Studio. The post Addressing the OWASP Top 10 Risks in Agentic AI with Microsoft Copilot Studio appeared first on Microsoft Security Blog.
Microsoft named a Leader in 2026 Gartner® Magic Quadrant™ for Integration Platform as a Service
Read why Microsoft was named a Leader for integration services in the 2026 Gartner® Magic Quadrant™ for Integration Platform as a Service. The post Microsoft named a Leader in 2026 Gartner® Magic Quadrant™ for Integration Platform as a Service appeared first on Microsoft Azure Blog.
Copilot Cowork: Now available in Frontier
Today, Copilot Cowork—designed for long-running, multi-step work in Microsoft 365—is available via the Frontier program. The post Copilot Cowork: Now available in Frontier appeared first on Microsoft 365 Blog.
Announcing Windows 11 Insider Preview Build 26220.8138 (Beta Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26220.8138 (KB 5079491 The post Announcing Windows 11 Insider Preview Build 26220.8138 (Beta Channel) appeared first on Windows Blog.
How Microsoft Defender protects high-value assets in real-world attack scenarios
High-value assets including domain controllers, web servers, and identity infrastructure are frequent targets in sophisticated attacks. Microsoft Defender applies asset-aware protection using Microsoft Security Exposure Management to detect and block threats against these critical systems. This article explores real-world attack scenarios and defense techniques. The post How Microsoft Defender protects high-value assets in real-world attack scenarios appeared first on Microsoft Security Blog.
Breaking Change Ahead: Graph API Updates to Sensitive Email Properties
On 12/31/2026, we will begin restricting updates to sensitive properties on non-draft email messages (including subject, body, and recipients). Apps will need Mail-Advanced.ReadWrite (or .All / .Shared) with admin consent to continue modifying these fields. Review your current usage and update permissions now to avoid unexpected failures. The post Breaking Change Ahead: Graph API Updates to Sensitive Email Properties appeared first on Microsoft 365 Developer Blog.
Announcing Babylon.js 9.0
Our mission is to build one of the most powerful, beautiful, simple and open web rendering engines in the world. Today, we are thrilled to announce that mission takes a monumental leap forward with the release of Babylon.js 9.0. https://www.youtube. The post Announcing Babylon.js 9.0 appeared first on Windows Blog.
Xbox Partner Preview highlights upcoming games
With the latest installment of the Xbox Partner Preview, players got up close to 19 games, 14 of which will be playable day one with Xbox Game Pass Ultimate. Fans of PC games will see a lot of favorites, along with new titles. The broadcast kicked o The post Xbox Partner Preview highlights upcoming games appeared first on Windows Blog.
Identity security is the new pressure point for modern cyberattacks
Read the latest Microsoft Secure Access report for insights into why a unified identity and access strategy offers strong modern protection. The post Identity security is the new pressure point for modern cyberattacks appeared first on Microsoft Security Blog.
AI for nuclear energy: Powering an intelligent, resilient future
To break the infrastructure bottleneck and shift the industry from ambition to delivery, Microsoft is announcing an AI for nuclear collaboration with NVIDIA, to provide end-to-end tools that streamline permitting, accelerate design, and optimize operations across the industry. The post AI for nuclear energy: Powering an intelligent, resilient future appeared first on Microsoft Azure Blog.
SharePoint Framework (SPFx) roadmap update – March 2026
SPFx is powering the future of Microsoft 365 with AI driven portals and deep integrations across SharePoint Teams and Viva. The March 2026 update shares new features and the roadmap for the next evolution built for the AI era. This is a transparent community driven journey that we shape together. The post SharePoint Framework (SPFx) roadmap update – March 2026 appeared first on Microsoft 365 Developer Blog.
Guidance for detecting, investigating, and defending against the Trivy supply chain compromise
Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide. This analysis walks through the Trivy supply‑chain compromise, attacker techniques, and concrete steps security teams can take to detect and defend against similar attacks. The post Guidance for detecting, investigating, and defending against the Trivy supply chain compromise appeared first on Microsoft Security Blog.
Governing AI agent behavior: Aligning user, developer, role, and organizational intent
This research report explores the layers of agent intent and how to align them for secure enterprise AI adoption. The post Governing AI agent behavior: Aligning user, developer, role, and organizational intent appeared first on Microsoft Security Blog.
What’s new with Microsoft in open-source and Kubernetes at KubeCon + CloudNativeCon Europe 2026
At KubeCon + CloudNativeCon Europe 2026 in Amsterdam, we're making announcements that reflect the goal of bringing the operational maturity of Kubernetes to today's workloads and demands. The post What’s new with Microsoft in open-source and Kubernetes at KubeCon + CloudNativeCon Europe 2026 appeared first on Microsoft Azure Blog.
Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started
Microsoft Defender stopped a human-operated ransomware attack that abused Group Policy Objects (GPOs) to disable defenses and push encryption at scale. This case study breaks down the attacker’s playbook and shows how predictive shielding hardened 700 devices in time, resulting in zero GPO-based encryptions and blocking most of the attempted impact. The post Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started appeared first on Microsoft Security Blog.
Protect your enterprise from shadow AI and more: Announcements at RSAC 2026
AI has changed how—and where—work happens. Many of today's security risks occur inside the browser, where traditional controls can fall short. At RSAC 2026, we're highlighting strengthened Edge for Business capabilities designed to secure AI usag The post Protect your enterprise from shadow AI and more: Announcements at RSAC 2026 appeared first on Windows Blog.
Our commitment to Windows quality
Hello Windows Insiders, I want to speak to you directly, as an engineer who has spent his career building technology that people depend on every day. Windows touches more people's lives than almost any technology on Earth. Every day, we hear from th The post Our commitment to Windows quality appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build for Canary Channel 29553.1000
Hello Windows Insiders, today we’re releasing Windows Insider Preview Build 29553.1000 to the Windows 11 Insider Canary Channel on the optional 29500 build series. What’s new in Canary Build 29553.1000 Change The post Announcing Windows 11 Insider Preview Build for Canary Channel 29553.1000 appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 28020.1743 (Canary Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 28020.1743 to the Canary Channel. (KB 5081339) What’s new in Canary Build 28020.1743 Changes and Improvements g The post Announcing Windows 11 Insider Preview Build 28020.1743 (Canary Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26300.8085 (Dev Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26300.8085 (KB 5079483 The post Announcing Windows 11 Insider Preview Build 26300.8085 (Dev Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26220.8079 (Beta Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26220.8079 (KB 5079482 The post Announcing Windows 11 Insider Preview Build 26220.8079 (Beta Channel) appeared first on Windows Blog.
CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents
Excerpt: CTI-REALM is Microsoft’s open-source benchmark for evaluating AI agents on real-world detection engineering—turning cyber threat intelligence (CTI) into validated detections. The post CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents appeared first on Microsoft Security Blog.
Secure agentic AI end-to-end
In this agentic era, security must be woven into, and around, every layer of the AI estate. At RSAC 2026, we are delivering on that vision with new purpose-built capabilities designed to help organizations secure agents, secure their foundations, and defend using agents and experts. The post Secure agentic AI end-to-end appeared first on Microsoft Security Blog.
New tools and guidance: Announcing Zero Trust for AI
Microsoft introduces Zero Trust for AI, adding a new AI pillar to its workshop, enhanced reference architecture, updated guidance, and a new assessment tool. The post New tools and guidance: Announcing Zero Trust for AI appeared first on Microsoft Security Blog.
When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures
During tax season, threat actors reliably take advantage of the urgency and familiarity of time-sensitive emails, including refund notices, payroll forms, filing reminders, and requests from tax professionals, to push malicious attachments, links, or QR codes. The post When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures appeared first on Microsoft Security Blog.
Observability for AI Systems: Strengthening visibility for proactive risk detection
As AI systems grow more autonomous, observability becomes essential. Learn how visibility into AI behavior helps detect risk and strengthen secure development. The post Observability for AI Systems: Strengthening visibility for proactive risk detection appeared first on Microsoft Security Blog.
Changes to attachment IDs for inline images in Outlook add-ins
Read how inline image attachments are handled when they’re programmatically added to a mail item's signature or body in Outlook on the web and the new Outlook for Windows The post Changes to attachment IDs for inline images in Outlook add-ins appeared first on Microsoft 365 Developer Blog.
Advancing agentic AI with Microsoft databases across a unified data estate
Built on a consistent Microsoft SQL foundation from on premises to the cloud, Azure SQL brings AI capabilities directly into your database experience. The post Advancing agentic AI with Microsoft databases across a unified data estate appeared first on Microsoft Azure Blog.
FabCon and SQLCon 2026: Unifying databases and Fabric on a single data platform
We're bring attendees together to share real experiences and solve challenges side-by-side. Only together can we move into meaningful results. The post FabCon and SQLCon 2026: Unifying databases and Fabric on a single data platform appeared first on Microsoft Azure Blog.
New Starfield content coming April 7
If you’re a fan of Starfield or want to see what it’s all about, April 7 would be a good day to check it out. Starfield’s most expansive free update yet and a new story are both dropping on the same day. The Free Lanes update is a game-wide The post New Starfield content coming April 7 appeared first on Windows Blog.
Monitor and improve your web app’s load performance
Today, large web applications are often assembled from many independent pieces, which all load their own data and resources. When all these pieces compete for the same network connection, congestion can build up and the user experience can suffer. The post Monitor and improve your web app’s load performance appeared first on Windows Blog.
Microsoft at NVIDIA GTC: New solutions for Microsoft Foundry, Azure AI infrastructure and Physical AI
Microsoft combines accelerated computing with cloud scale engineering to bring advanced AI capabilities to our customers. For years, we’ve worked with NVIDIA to integrate hardware, software and infrastructure to power many of today’s most important AI breakthroughs. The post Microsoft at NVIDIA GTC: New solutions for Microsoft Foundry, Azure AI infrastructure and Physical AI appeared first on Microsoft Azure Blog.
New Microsoft Purview innovations for Fabric to safely accelerate your AI transformation
As organizations adopt AI, security and governance remain core primitives for safe AI transformation and acceleration. The post New Microsoft Purview innovations for Fabric to safely accelerate your AI transformation appeared first on Microsoft Security Blog.
From legacy to leadership: How PostgreSQL on Azure powers enterprise agility and innovation
Our mission is to make PostgreSQL the most performant, scalable, and enterprise-ready open database platform available. With Azure Database for PostgreSQL and the newly introduced Azure HorizonDB, we’re delivering on that vision. The post From legacy to leadership: How PostgreSQL on Azure powers enterprise agility and innovation appeared first on Microsoft Azure Blog.
Help on the line: How a Microsoft Teams support call led to compromise
A DART investigation into a Microsoft Teams voice phishing attack shows how deception and trusted tools can enable identity-led intrusions and how to stop them. The post Help on the line: How a Microsoft Teams support call led to compromise appeared first on Microsoft Security Blog.
Announcing Windows 11 Insider Preview Build for Canary Channel 29550.1000
Hello Windows Insiders, today we’re releasing Windows Insider Preview Build 29550.1000 to the Windows 11 Insider Canary Channel on the optional 29500 build series. What’s new in Canary Build 29550.1000 Change The post Announcing Windows 11 Insider Preview Build for Canary Channel 29550.1000 appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 28020.1737 (Canary Channel)
[UPDATE 3/18/26]: We are rolling out standalone Update Build 28020.1738 (KB5084491). This update does not include anything new and is designed to test our servicing pipeline for builds in Canary Channel. A restart will be required; d The post Announcing Windows 11 Insider Preview Build 28020.1737 (Canary Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26300.8068 (Dev Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26300.8068 (KB 5079464) to the Dev Channel. Changes in Dev Channel builds and updates are documented in two buckets: new features, and improvements (inc The post Announcing Windows 11 Insider Preview Build 26300.8068 (Dev Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26220.8062 (Beta Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26220.8062 (KB 5079458) to the Beta Channel. Changes in Beta Channel builds and updates are documented in two buckets: new features, and improvements (i The post Announcing Windows 11 Insider Preview Build 26220.8062 (Beta Channel) appeared first on Windows Blog.
Releasing Windows 11 Builds 26100.8106 and 26200.8106 to the Release Preview Channel
Hello Windows Insiders, today we’re releasing Windows 11 Builds 26100.8106 and 26200.8106 (KB5079387) to Insiders in the Release Preview Channel on Windows 11, versions 24H2 (Build 26100) and 25H2 (Build 26200). This update is available through tw The post Releasing Windows 11 Builds 26100.8106 and 26200.8106 to the Release Preview Channel appeared first on Windows Blog.
Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft
Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This post reviews TTPs, IOCs, and mitigation guidance. The post Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft appeared first on Microsoft Security Blog.
From transparency to action: What the latest Microsoft email security benchmark reveals
The latest Microsoft benchmarking data reveals how Microsoft Defender mitigates modern email threats compared to SEG and ICES vendors. The post From transparency to action: What the latest Microsoft email security benchmark reveals appeared first on Microsoft Security Blog.
Detecting and analyzing prompt abuse in AI tools
Hidden instructions in content can subtly bias AI, and our scenario shows how prompt injection works, highlighting the need for oversight and a structured response playbook. The post Detecting and analyzing prompt abuse in AI tools appeared first on Microsoft Security Blog.
Contagious Interview: Malware delivered through fake developer job interviews
The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and FlexibleFerret through fake coding assessments. The malware then steals API tokens, cloud credentials, crypto wallets, and source code. The post Contagious Interview: Malware delivered through fake developer job interviews appeared first on Microsoft Security Blog.
GDC 2026: Next generation of Xbox designed to play console and PC games
As Xbox celebrates its 25th anniversary this year, it comes to the Game Developers Conference with more details about its next generation console, Project Helix, which is designed to play console and PC games. “As games increasingly span devices, The post GDC 2026: Next generation of Xbox designed to play console and PC games appeared first on Windows Blog.
GDC 2026: Announcing new tools and platform updates for Windows PC game developers
Our focus is clear: making Windows 11 the best place for game developers to create, experiment, ship and scale. Windows is an open, flexible platform that supports choice across engines, tools, hardware and distribution models. That commitment is roo The post GDC 2026: Announcing new tools and platform updates for Windows PC game developers appeared first on Windows Blog.
Modernizing regulated industries with cloud and agentic AI
Discover how cloud modernization and agentic AI are accelerating migration across healthcare, financial services, and manufacturing. The post Modernizing regulated industries with cloud and agentic AI appeared first on Microsoft Azure Blog.
Many agents, one team: Scaling modernization on Azure
We’re announcing the first agentic end-to-end modernization solution that brings IT and developers into a single, connected workflow. The post Many agents, one team: Scaling modernization on Azure appeared first on Microsoft Azure Blog.
Introducing Fireworks AI on Microsoft Foundry: Bringing high performance, low latency open model inference to Azure
We’re announcing the public preview of Fireworks AI on Microsoft Foundry, bringing high‑performance open model inference into Azure. This integration reflects Microsoft Foundry’s broader direction: providing a single place where developers can not only run open models efficiently but also customize and operationalize them as part of a complete enterprise‑ready AI lifecycle. The post Introducing Fireworks AI on Microsoft Foundry: Bringing high performance, low latency open model inference to Azure appeared first on Microsoft Azure Blog.
Unpacking your top questions on agentic AI: The Shift podcast
Today we're introducing "The Shift" podcast, an evolution of "Leading the Shift," to share more dialogue. Grounded in questions we heard from you after announcements at Ignite, we’re releasing eight episodes this spring. The post Unpacking your top questions on agentic AI: The Shift podcast appeared first on Microsoft Azure Blog.
Secure agentic AI for your Frontier Transformation
We are announcing the next step to make Frontier Transformation real for customers across every industry with Wave 3 of Microsoft 365 Copilot, Microsoft Agent 365, and Microsoft 365 E7: The Frontier Suite. The post Secure agentic AI for your Frontier Transformation appeared first on Microsoft Security Blog.
Copilot Cowork: A new way of getting work done
We’re excited to announce Copilot Cowork, the execution layer for Microsoft 365—delegate tasks, coordinate workflows, and stay in control. The post Copilot Cowork: A new way of getting work done appeared first on Microsoft 365 Blog.
Powering Frontier Transformation with Copilot and agents
Wave 3 marks a new version of Microsoft 365 Copilot, moving beyond assistance to embedded agentic capabilities. The post Powering Frontier Transformation with Copilot and agents appeared first on Microsoft 365 Blog.
Build business understanding with Dataverse in Microsoft 365 Copilot
Microsoft 365 Copilot is now embedded as an in-app sidecar within Power Apps, Dynamics 365 Sales, and Dynamics 365 Customer Service—removing the need to switch between apps to find context or complete steps. The post Build business understanding with Dataverse in Microsoft 365 Copilot appeared first on Microsoft 365 Developer Blog.
Prepare your add-in for Outlook ribbon improvements
We’re improving how add-ins appear on the ribbon in Outlook on the web and the new Outlook on Windows. These updates make add-ins easier to find and align the experience across Outlook clients. The post Prepare your add-in for Outlook ribbon improvements appeared first on Microsoft 365 Developer Blog.
Announcing Windows 11 Insider Preview Build 28020.1685 (Canary Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 28020.1685 to the Canary Channel. (KB 5079381) What’s new in Canary Build 28020.1685 Changes and Improvements g The post Announcing Windows 11 Insider Preview Build 28020.1685 (Canary Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26220.7961 (Beta Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26220.7961 (KB 5079382) to the Beta Channel. Changes in Beta Channel builds and updates are documented in two buckets: new features, and improvements (i The post Announcing Windows 11 Insider Preview Build 26220.7961 (Beta Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26300.7965 (Dev Channel)
[UPDATE 3/11/26]: We are rolling out standalone Update Build 26300.7966 (KB5082257). This update does not include anything new and is designed to test our servicing pipeline for builds in the The post Announcing Windows 11 Insider Preview Build 26300.7965 (Dev Channel) appeared first on Windows Blog.
AI as tradecraft: How threat actors operationalize AI
Threat actors are operationalizing AI to scale and sustain malicious activity, accelerating tradecraft and increasing risk for defenders, as illustrated by recent activity from North Korean groups such as Jasper Sleet and Coral Sleet (formerly Storm-1877). The post AI as tradecraft: How threat actors operationalize AI appeared first on Microsoft Security Blog.
The economics of enterprise AI: What the Forrester TEI study reveals about Microsoft Foundry
Customers are on the hunt for smarter models, more capable agents, and market-ready solutions to operationalize AI workflows. The post The economics of enterprise AI: What the Forrester TEI study reveals about Microsoft Foundry appeared first on Microsoft Azure Blog.
Introducing GPT-5.4 in Microsoft Foundry
Today, we’re announcing OpenAI’s GPT‑5.4 to be generally available soon in Microsoft Foundry: a model designed to help organizations move from planning work to reliably completing it in production environments. The post Introducing GPT-5.4 in Microsoft Foundry appeared first on Microsoft Azure Blog.
Women’s History Month: Encouraging women in cybersecurity at every career stage
This Women’s History Month, we explore ways to support the next generation of female defenders at every career stage. The post Women’s History Month: Encouraging women in cybersecurity at every career stage appeared first on Microsoft Security Blog.
Making keyboard navigation effortless
Do you use a keyboard to navigate websites? If so, you've probably run into countless accessibility issues where groups of inputs or widgets are not easy, or even possible to get to with just the keyboard. A keyboard-accessible website lets you easi The post Making keyboard navigation effortless appeared first on Windows Blog.
Malicious AI Assistant Extensions Harvest LLM Chat Histories
Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek. With nearly 900,000 installs and activity across more than 20,000 enterprise tenants, the campaign highlights the growing risk of data exposure through browser extensions. The post Malicious AI Assistant Extensions Harvest LLM Chat Histories appeared first on Microsoft Security Blog.
Copilot App on Windows: Opening web links alongside your conversations begins rolling out to Windows Insiders
Hello Windows Insiders, In today's update, we are introducing a new way to get things done in the Cop The post Copilot App on Windows: Opening web links alongside your conversations begins rolling out to Windows Insiders appeared first on Windows Blog.
Azure IaaS: Explore new resources for building a stronger, more efficient infrastructure
As organizations accelerate digital transformation, infrastructure decisions increasingly shape how quickly teams can adopt AI, how reliably applications operate at global scale, and how effectively businesses respond to constant change. The post Azure IaaS: Explore new resources for building a stronger, more efficient infrastructure appeared first on Microsoft Azure Blog.
Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale
Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with Europol and industry partners to facilitate a disruption of Tycoon2FA’s infrastructure and operations. The post Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale appeared first on Microsoft Security Blog.
Signed malware impersonating workplace apps deploys RMM backdoors
Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise environments. Organizations must harden certificate controls and monitor RMM activity to reduce exposure. The post Signed malware impersonating workplace apps deploys RMM backdoors appeared first on Microsoft Security Blog.
Unlocking document understanding with Mistral Document AI in Microsoft Foundry
Enterprises today face a familiar yet formidable challenge: mountains of documents -contracts, invoices, reports, forms - remain locked in unstructured formats. Traditional OCR (optical character recognition) captures text, but often struggles with context, layout complexity, or multilingual content. The result? Slow workflows, error-prone manual reviews, and missed insights. The post Unlocking document understanding with Mistral Document AI in Microsoft Foundry appeared first on Microsoft Azure Blog.
OAuth redirection abuse enables phishing and malware delivery
OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure. The post OAuth redirection abuse enables phishing and malware delivery appeared first on Microsoft Security Blog.
New feature for ROG Xbox Ally X: Highlight reels in Xbox PC app
Xbox Insiders are invited to try highlight reels, a new feature for the ROG Xbox Ally X accessed via Game Highlights (Preview) in the Xbox PC app. With this feature, players can easily capture standout gameplay moments, like epic boss battles or vic The post New feature for ROG Xbox Ally X: Highlight reels in Xbox PC app appeared first on Windows Blog.
Instant access incremental snapshots: Restore without waiting
Today, we’re excited to introduce instant access support for incremental snapshots of Premium SSD v2 (Pv2) and Ultra Disk, delivering an industry-leading snapshot experience where creation, disk restore, and production-ready performance all happen instantly. The post Instant access incremental snapshots: Restore without waiting appeared first on Microsoft Azure Blog.
SharePoint at 25: How Microsoft is putting knowledge to work in the AI era
Twenty-five years ago, SharePoint set out to help people share knowledge and work better together, a mission that today operates at extraordinary scale. The post SharePoint at 25: How Microsoft is putting knowledge to work in the AI era appeared first on Microsoft 365 Blog.
Announcing Windows 11 Insider Preview Build 28020.1673 (Canary Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 28020.1673 to the Canary Channel. (KB 5077240) What’s new in Canary Build 28020.1673 Changes and Improvements g The post Announcing Windows 11 Insider Preview Build 28020.1673 (Canary Channel) appeared first on Windows Blog.
Announcing Windows 11 Insider Preview Build 26300.7939 (Dev Channel)
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26300.7939 (KB 5077243) to the Dev Channel. Changes in Dev Channel builds and updates are documented in two buckets: new features, and improvements (inc The post Announcing Windows 11 Insider Preview Build 26300.7939 (Dev Channel) appeared first on Windows Blog.
Threat modeling AI applications
AI threat modeling helps teams identify misuse, emergent risk, and failure modes in probabilistic and agentic AI systems. The post Threat modeling AI applications appeared first on Microsoft Security Blog.
SharePoint Framework (SPFx) roadmap update – February 2026
We move towards spring 2026 with strong momentum across the SharePoint Framework and an increasing sense of excitement across the ecosystem. SPFx continues to be a foundational platform for building intelligent, secure, and scalable experiences across Microsoft 365, with adoption growing and feedback from customers and partners directly shaping our priorities. Following the December release […] The post SharePoint Framework (SPFx) roadmap update – February 2026 appeared first on Microsoft 365 Developer Blog.
Increased control over Office Add-in user experiences
Customers have asked for greater user control over add-in launch behavior in Office. We are making three adjustments to our platform to address this customer feedback. The post Increased control over Office Add-in user experiences appeared first on Microsoft 365 Developer Blog.
Developer-targeting campaign using malicious Next.js repositories
A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard build workflows. The activity demonstrates how staged command-and-control can hide inside routine development tasks. The post Developer-targeting campaign using malicious Next.js repositories appeared first on Microsoft Security Blog.
Scaling security operations with Microsoft Defender autonomous defense and expert-led services
AI-powered cyberattacks outpace aging SOC tools, and this new guide explains why manual defense fails and how autonomous, expert-led security transforms modern protection. The post Scaling security operations with Microsoft Defender autonomous defense and expert-led services appeared first on Microsoft Security Blog.
Microsoft Sovereign Cloud adds governance, productivity, and support for large AI models securely running even when completely disconnected
Microsoft Sovereign Cloud's expansion of capabilities includes Azure Local disconnected operations, Microsoft 365 Local disconnected, and Microsoft Foundry addition of large model and modern infrastructure capabilities. The post Microsoft Sovereign Cloud adds governance, productivity, and support for large AI models securely running even when completely disconnected appeared first on Microsoft 365 Blog.
Introducing Budget Bytes: Build powerful AI apps for under $25
Budget Bytes is a new series is designed to inspire developers to build affordable, production-quality AI applications on Azure with a budget of $25 or less. The post Introducing Budget Bytes: Build powerful AI apps for under $25 appeared first on Microsoft Azure Blog.
New e-book: Establishing a proactive defense with Microsoft Security Exposure Management
Read the new maturity-based guide that helps organizations move from fragmented, reactive security practices to a unified exposure management approach that enables proactive defense. The post New e-book: Establishing a proactive defense with Microsoft Security Exposure Management appeared first on Microsoft Security Blog.
Running OpenClaw safely: identity, isolation, and runtime risk
Self-hosted agents execute code with durable credentials and process untrusted input. This creates dual supply chain risk, where skills and external instructions converge in the same runtime. As OpenClaw-like systems enter enterprises, governance and runtime isolation become critical. The post Running OpenClaw safely: identity, isolation, and runtime risk appeared first on Microsoft Security Blog.
Claude Sonnet 4.6 in Microsoft Foundry-Frontier Performance for Scale
Claude Sonnet 4.6 is available today in Microsoft Foundry, and it is designed for teams who want frontier performance across coding, agents, and professional work at scale. The post Claude Sonnet 4.6 in Microsoft Foundry-Frontier Performance for Scale appeared first on Microsoft Azure Blog.
Unify now or pay later: New research exposes the operational cost of a fragmented SOC
New research from Microsoft and Omdia reveals how fragmented tools, manual workflows, and alert overload are pushing SOCs to a breaking point. The post Unify now or pay later: New research exposes the operational cost of a fragmented SOC appeared first on Microsoft Security Blog.
Disclaimer: This is an independent news blog. All updates are sourced from official Microsoft RSS feeds. Always verify from official Microsoft sources before taking action.