SecurityMicrosoft Threat Intelligence reports a rise in phishing, malvertising, and SEO-driven attacks that abuse popular AI brands like ChatGPT, Claude, Copilot, and DeepSeek as social engineering lures. The campaigns use familiar tactics such as urgent payment notices, fake policy violations, and malicious installers to steal credentials, payment data, and deploy malware, making user awareness and layered defenses critical.
3 min read · Jun 8, 2026
SecurityMicrosoft Threat Intelligence found that Anthropic’s Claude Code GitHub Action could expose CI/CD secrets when AI agents process untrusted GitHub content such as issues, pull requests, and comments. Anthropic fixed the issue in Claude Code 2.1.128, but the research highlights broader risks for any AI-enabled workflow with access to secrets, file reads, or outbound communication.
3 min read · Jun 5, 2026
SecurityMicrosoft has updated its taxonomy of failure modes in agentic AI systems after a year of red teaming against real-world deployments. The v2.0 framework adds seven new risk categories and expanded mitigations, giving security teams a more practical model for assessing agentic AI threats such as MCP/plugin abuse, goal hijacking, and session context contamination.
3 min read · Jun 4, 2026
SecurityMicrosoft Threat Intelligence uncovered a large-scale npm supply chain attack involving trojanized packages under the @redhat-cloud-services scope. The campaign abused a compromised CI/CD publishing workflow to deliver credential-stealing malware targeting GitHub, npm, AWS, Azure, GCP, Kubernetes, and developer systems, making it especially relevant for security teams and DevOps administrators.
3 min read · Jun 3, 2026
SecurityAt Microsoft Build 2026, Microsoft announced new security capabilities to protect code, AI agents, and models across the development lifecycle. Highlights include the expanded preview of MDASH for exploitability-focused vulnerability discovery and general availability of Microsoft Defender integration with GitHub Code Security to help teams prioritize and remediate real risks faster.
3 min read · Jun 2, 2026
SecurityMicrosoft Threat Intelligence uncovered 33 malicious npm packages that abused dependency confusion to impersonate internal corporate packages and silently profile developer systems during installation. The campaign matters because it targets developer workstations and CI/CD environments, creating a foothold for potential follow-on supply chain attacks.
3 min read · May 30, 2026
SecurityMicrosoft says it has been named a Leader in the 2026 Gartner Magic Quadrant for Endpoint Protection for the seventh consecutive time. The announcement highlights recent Microsoft Defender for Endpoint enhancements, including attack disruption, custom telemetry, simplified onboarding, sovereign-ready deployment options, and protection for local AI agents.
3 min read · May 29, 2026
SecurityMicrosoft has uncovered an active npm supply chain attack in which 14 typosquatted packages stole AWS credentials, HashiCorp Vault tokens, GitHub Actions data, and npm publish tokens during installation. The campaign matters because it targets developer and build environments, creating risk of cloud lateral movement, CI/CD compromise, and downstream software supply chain attacks.
3 min read · May 29, 2026
SecurityMicrosoft Threat Intelligence has published a deep technical analysis of The Gentlemen ransomware, a Go-based ransomware-as-a-service threat that combines strong file encryption with aggressive self-propagation. The research matters for defenders because the malware can rapidly spread across local systems and network shares, increasing the blast radius of a single compromise.
3 min read · May 29, 2026
SecurityMicrosoft has detailed an active cryptojacking campaign that uses poisoned search results and AI chatbot recommendations to lure users to fake software download sites. The attack abuses DLL sideloading, ScreenConnect, and Microsoft .NET utilities to gain persistent access and mine cryptocurrency on high-GPU systems, raising the risk of follow-on activity such as data theft or ransomware.
3 min read · May 29, 2026
SecurityMicrosoft highlighted how St. Luke’s and ManpowerGroup are building AI-ready security foundations with Microsoft Security, Microsoft Sentinel, Microsoft Defender, and Security Copilot. The stories show why unified visibility, automation, and Zero Trust controls are becoming essential for organizations that want to scale AI without increasing risk.
3 min read · May 29, 2026
SecurityMicrosoft has been named a Leader in The Forrester Wave for Workforce Identity Security Platforms, Q2 2026, earning the highest scores in both current offering and strategy. The recognition highlights growing demand for unified identity, access, and response capabilities as organizations manage more human, machine, and AI-driven identities.
2 min read · May 29, 2026