Security News & Updates

Latest news and updates about Security.

Security

Microsoft Purview for Fabric: AI Governance Updates

Microsoft announced new Microsoft Purview updates for Fabric focused on safer AI and data use, including generally available Data Loss Prevention policies for Warehouses, preview access restrictions for sensitive data in databases and Warehouses, and expanded Insider Risk Management for lakehouses. These changes matter because they help organizations reduce oversharing and data theft risks while improving governance and visibility as they scale AI initiatives in Microsoft Fabric.

3 min read · Mar 16, 2026
Security

Contagious Interview Malware Targets Developers

Microsoft warns that the ongoing “Contagious Interview” campaign is targeting software developers by disguising malware as recruiter outreach, coding tests, GitHub repositories, and even Visual Studio Code tasks. The threat matters because compromised developer devices can give attackers a path into source code, CI/CD systems, cloud environments, and sensitive secrets, turning the hiring process into a high-impact enterprise attack vector.

3 min read · Mar 11, 2026
Security

Microsoft Agent 365 Secures Enterprise AI Agents

Microsoft has introduced Agent 365, a centralized control plane for managing enterprise AI agents across Microsoft and partner ecosystems, with tools for inventory, observability, risk monitoring, and policy enforcement. It matters because it brings identity, access, and security governance to AI agents through Microsoft Entra, Defender, and Purview, helping organizations safely scale agentic AI while reducing the risks of unmanaged autonomous systems.

3 min read · Mar 9, 2026
Security

AI Cyberattack Tradecraft: Microsoft Threat Insights

Microsoft Threat Intelligence says attackers are already using AI mainly as an accelerator for existing cyberattack tactics, including phishing, reconnaissance, stolen-data triage, and code generation, rather than as a wholly new attack method. This matters because AI lowers the skill and time required for common operations, helping threat actors scale campaigns and maintain persistence, which means defenders need to focus on strengthening controls around familiar attack paths that can now move faster.

3 min read · Mar 6, 2026
Security

Microsoft Cybersecurity Careers: Why IT Leaders Should Care

Microsoft is urging organizations to treat gender diversity in cybersecurity as a business and risk-management priority, arguing that broader perspectives improve threat modeling, innovation, and decision-making as AI and threats evolve. The post highlights that women make up only about 24% of the global cybersecurity workforce and calls on IT leaders to go beyond hiring by improving job descriptions, creating visible role models, and building inclusive training and long-term career pathways.

3 min read · Mar 5, 2026
Security

Malicious AI Browser Extensions Steal LLM Chats

Microsoft Defender found malicious Chromium browser extensions masquerading as popular AI assistant add-ons that can harvest sensitive ChatGPT and DeepSeek prompts, responses, visited URLs, and internal browsing context, then quietly exfiltrate that data over routine-looking HTTPS traffic. The discovery matters because these extensions reportedly reached about 900,000 installs and appeared across more than 20,000 enterprise tenants, turning trusted browser marketplaces and everyday AI workflows into a significant data-loss risk for organizations.

3 min read · Mar 5, 2026
Security

Tycoon2FA AiTM Phishing Bypassed MFA at Scale

Microsoft says the Tycoon2FA phishing-as-a-service kit has enabled attackers to bypass MFA at massive scale by using adversary-in-the-middle proxying to steal session cookies during real logins. That matters because organizations cannot rely on passwords and MFA alone to stop account takeovers—defenders must also revoke active sessions, harden authentication controls, and prepare for highly automated phishing campaigns that can reach hundreds of thousands of organizations.

3 min read · Mar 4, 2026
Security

EV-Signed Phishing Installers Drop ScreenConnect

Microsoft Defender Experts uncovered phishing campaigns that use fake meeting, invoice, and document lures to deliver malware installers disguised as trusted apps like Teams, Zoom, and Adobe Reader. What makes this notable is that the installers were signed with an EV certificate and used to deploy legitimate remote management tools such as ScreenConnect and Tactical RMM, giving attackers stealthy initial access that can blend into normal enterprise IT activity.

3 min read · Mar 3, 2026
Security

Entra ID OAuth Redirect Abuse Fuels Phishing Attacks

Microsoft says attackers are abusing a normal Microsoft Entra ID OAuth redirect behavior to turn trusted login links into phishing or malware delivery paths, often by forcing an OAuth error and sending victims to attacker-controlled redirect URIs. The campaign matters because it can bypass user suspicion and some security filters without stealing tokens, and it has been observed targeting government and public-sector organizations.

3 min read · Mar 2, 2026
Security

Microsoft Threat Modeling for Generative AI Apps

Microsoft says traditional threat modeling is no longer enough for generative and agentic AI apps because these systems are nondeterministic, easier to manipulate through prompt injection, and increasingly connected to tools, memory, and autonomous workflows. The guidance matters because it helps security teams anticipate AI-specific risks like tool misuse, privilege escalation, and silent data leakage before they turn into real-world exploits.

3 min read · Feb 26, 2026
Security

Malicious Next.js Repos Target Developers via VS Code

Microsoft Defender Experts uncovered a campaign using malicious Next.js repositories, often disguised as job take-home assignments, to compromise developers through normal VS Code and app startup workflows. The repos can automatically execute attacker-controlled JavaScript on folder open or when the project is run, potentially exposing source code, environment variables, and cloud credentials—making this a serious supply-chain and developer workstation security threat.

3 min read · Feb 25, 2026
Security

Copilot Studio Misconfigurations: Detect With Defender

Microsoft has outlined 10 common Copilot Studio agent misconfigurations—such as oversharing, missing authentication, unsafe actions, and stale ownership—and paired them with Defender Advanced Hunting community queries to help security teams detect them. This matters because low-code AI agents are becoming a new control plane for identity, data access, and automation, meaning small setup mistakes can quietly expand an organization’s attack surface and enable abuse or data exfiltration unless proactively monitored and locked down.

3 min read · Feb 25, 2026