Browse All News (716)
cindywang explains how GitHub Copilot agents can modernize legacy Java and .NET code inside Docker Sandbox microVMs, keeping host filesystem paths consistent while avoiding risky Docker socket mounts and tightening egress controls during dependency upgrades.
Blanca Li summarizes April 2026 updates to Microsoft Foundry Reinforcement Fine-Tuning (RFT): global training for o4-mini across 13+ Azure regions, new GPT-4.1 family model graders, and practical best practices plus pitfalls to help teams design reliable graders and scale fine-tuning safely.
The Visual Studio Code Team summarizes what’s new in Visual Studio Code 1.117, including improvements to agent sessions, terminal capture, and Git worktree isolation, plus editor UX fixes for package.json and JSDoc rendering.
Allison announces `gh skill`, a new GitHub CLI command for discovering, installing, updating, and publishing portable “agent skills” for AI coding agents (including GitHub Copilot), with a focus on version pinning and supply-chain integrity.
Lawrence Gripper explains how GitHub uses eBPF and cgroups to prevent deployment scripts from introducing circular dependencies (like needing github.com during an outage), including a Go-based proof of concept that monitors and conditionally blocks network/DNS access for deploy processes.
Aviram Shemesh and Jennifer Rutzer explain how to build a cryptographic inventory and run an ongoing cryptographic posture management lifecycle, using Microsoft Security tooling (like Defender and GitHub Advanced Security), Azure services (like Key Vault and Network Watcher), and partner CPM solutions to improve quantum-safe readiness.
Allison announces new GitHub improvements: a rule insights dashboard to visualize repository ruleset evaluations (successes, failures, bypasses) and a unified filter bar across alert dismissal and bypass request pages for code scanning, Dependabot, and secret scanning.
Jim Harrer shares a curated list of 20 VS Live! Las Vegas 2026 sessions now available on the Visual Studio YouTube channel, spanning AI/Copilot topics, modern .NET and C#, Azure cloud-native development, GitHub Actions, and practical productivity and architecture guidance.
Microsoft Threat Intelligence and the Microsoft Defender Security Research Team break down a Sapphire Sleet macOS intrusion chain that relies on social engineering and user-initiated AppleScript execution, and provide Defender detections, KQL hunting queries, and IOCs to help security teams spot and stop similar activity.
Allison announces that Anthropic’s Claude Opus 4.7 is rolling out in GitHub Copilot, including where it’s available (IDEs, CLI, and agents), which plans get access, and what admins need to enable for Business and Enterprise tenants.
Microsoft Fabric Blog introduces the generally available OneLake MCP tools, showing how an AI agent can discover Fabric items, inspect schemas, map OneLake storage, and assess mirrored-database health through a single natural-language conversation (no code or portal clicks).
Microsoft Fabric Blog explains what customers are asking about Fabric Data Factory vs Azure Data Factory (ADF): when to migrate, how mature it is, and what new capabilities you gain—like Mirroring to OneLake, Copy Jobs with CDC, Dataflows Gen2, Copilot assistance, and managed Airflow/dbt execution.
Allison outlines what changed in CodeQL 2.25.2 for GitHub code scanning, including Kotlin 2.3.20 support, multiple query accuracy tweaks (notably for C#), and updated security-severity scores for issues like XSS and log injection across several languages.
Allison explains a new GitHub Copilot Cloud Agent (CCA) admin capability: enterprise admins can now enable the agent for selected organizations (including via organization custom properties), and manage the policy through the AI Controls page or new REST API endpoints.
Yun Jung Choi explains that Azure MCP tools are now built into Visual Studio 2022 via the Azure development workload, letting developers enable an Azure MCP Server inside GitHub Copilot Chat to provision resources, deploy apps, and troubleshoot Azure services without installing a separate extension.
Cassidy Williams interviews GitHub Staff Software Engineer Brittany Ellich about building a personal “command center” app, focusing on how GitHub Copilot CLI and agent-based workflows supported the process from planning through implementation.
Phillip Misner and Stephen Finnigan explain how incident response changes for AI systems: non-determinism and high-volume output shift triage, containment, telemetry needs, and remediation verification, while many IR fundamentals (ownership, escalation, and communication) still apply.
Harshada Hole introduces Visual Studio’s Debugger Agent guided workflow, which uses a live debugging session to help you reproduce bugs, validate hypotheses via breakpoints and call stacks, and iterate to a verified fix with less manual setup.
Fernando Vasconcellos outlines evergreen cloud cost optimization principles and explains how AI workloads change cost patterns, with practical guidance on visibility, governance, rightsizing, and continuous review—framed around managing and optimizing spend on Azure over time.
Laura Jiang announces two Azure DevOps Advanced Security updates: CodeQL default setup to enable org-wide code scanning without per-repo pipeline configuration, and a combined alerts experience (with security campaigns) to triage and coordinate remediation across all repositories.