Security News & Updates

Latest news and updates about Security.

Security

Trivy Supply Chain Compromise: Defender Guidance

Microsoft has published detection, investigation, and mitigation guidance for the March 2026 Trivy supply chain compromise that affected the Trivy binary and related GitHub Actions. The incident matters because it weaponized trusted CI/CD security tooling to steal credentials from build pipelines, cloud environments, and developer systems while appearing to run normally.

3 min read · Mar 25, 2026
Security

Microsoft Defender Predictive Shielding Stops GPO Ransomware

Microsoft detailed a real-world ransomware case in which Defender’s predictive shielding detected malicious Group Policy Object abuse before encryption began. By hardening GPO propagation and disrupting compromised accounts, Defender blocked about 97% of attempted encryption activity and prevented any devices from being encrypted through the GPO delivery path.

3 min read · Mar 23, 2026
Security

Microsoft Agentic AI Security Tools Unveiled at RSAC

At RSAC 2026, Microsoft introduced a broader security strategy for enterprise AI, led by Agent 365, a new control plane for governing and protecting AI agents that will reach general availability on May 1. The company also announced expanded AI risk visibility and identity protections across Defender, Entra, Purview, Intune, and new shadow AI detection tools, signaling that securing AI usage is becoming a core part of enterprise security operations as adoption accelerates.

3 min read · Mar 20, 2026
Security

Microsoft CTI-REALM Benchmarks AI Detection Engineering

Microsoft has introduced CTI-REALM, an open-source benchmark designed to test whether AI agents can actually perform detection engineering tasks end to end, from interpreting threat intelligence reports to generating and refining KQL and Sigma detection rules. This matters because it gives security teams a more realistic way to evaluate AI for SOC operations, focusing on measurable operational outcomes across real environments instead of simple cybersecurity question answering.

3 min read · Mar 20, 2026
Security

Microsoft Zero Trust for AI: Workshop and Architecture

Microsoft has introduced Zero Trust for AI guidance, adding an AI-focused pillar to its Zero Trust Workshop and expanding its assessment tool with new Data and Network pillars. The update matters because it gives enterprises a structured way to secure AI systems against risks like prompt injection, data poisoning, and excessive access while aligning security, IT, and business teams around nearly 700 controls.

3 min read · Mar 19, 2026
Security

Microsoft Tax-Season Phishing Attacks Target Credentials

Microsoft is warning that tax-season phishing attacks are rising, with threat actors using fake CPA messages, W-2 QR codes, and 1099-themed lures to steal Microsoft 365 credentials and deliver malware or remote access tools. The campaigns matter because they are increasingly targeted and evasive, abusing trusted cloud services, multi-step redirects, and legitimate-looking tools to bypass defenses and raise the risk of account compromise and broader network intrusion.

3 min read · Mar 19, 2026
Security

Microsoft AI Observability Security for GenAI Systems

Microsoft is updating its Secure Development Lifecycle guidance to treat AI observability as a core security requirement for generative and agentic AI systems, not just a performance-monitoring add-on. The shift matters because traditional metrics like latency and uptime can look normal even when AI models are manipulated by poisoned content or prompt injection, making richer logging of context, provenance, prompts, and responses essential for detecting and investigating AI-specific threats.

3 min read · Mar 18, 2026
Security

Microsoft Defender Email Security Benchmark Results

Microsoft’s latest email security benchmark shows that Defender for Office 365 continues to handle most core threat protection, with Zero-hour Auto Purge removing an average of 70.8% of malicious emails after delivery and outperforming the secure email gateways tested on high-severity threats. The report also finds that integrated cloud email security partners add some value—mainly for marketing and bulk email filtering—helping security teams decide where layered tools meaningfully improve a Microsoft 365 email security stack.

3 min read · Mar 16, 2026
Security

Microsoft Prompt Abuse Detection and Response Guide

Microsoft’s new prompt abuse detection and response guide shifts AI security from high-level risk planning to active monitoring, investigation, and containment of real-world misuse. It highlights major threats like direct prompt overrides, sensitive data extraction, and indirect prompt injection through emails, documents, or URLs. These threats are critical because they can quietly manipulate AI outputs or expose sensitive information inside everyday business tools.

3 min read · Mar 16, 2026
Security

Storm-2561 VPN Fake Installers via SEO Poisoning

Microsoft says the Storm-2561 threat group is using SEO poisoning and fake vendor-branded download pages to trick users searching for VPN software into installing trojanized clients. The campaign matters because the malware steals VPN credentials and configuration data, uses GitHub-hosted payloads and a legitimate code-signing certificate to appear trustworthy, and could give attackers a stealthy path into enterprise networks.

3 min read · Mar 16, 2026
Security

Microsoft Teams Vishing Attacks via Quick Assist

Microsoft warned that a recent attack used Teams-based voice phishing to impersonate IT support, trick an employee into approving a Quick Assist session, and then steal credentials, deploy malware, and expand access using legitimate Windows tools. The incident matters because it shows how attackers can bypass traditional patch-focused defenses by exploiting trust in everyday collaboration and remote support workflows, making stronger identity protections, user verification, and remote-access controls essential.

3 min read · Mar 16, 2026