Browse Security News (229)

Kristen Womack summarizes the April 2026 Azure Developer CLI (azd) releases, focusing on multi-language hooks in azure.yaml, extension framework updates, Copilot-assisted troubleshooting, and a set of security, provisioning, and CI/CD reliability improvements across versions 1.23.14 through 1.24.2.

stclarke summarizes recent Microsoft Security updates, including new Microsoft Defender protections for AI agents in the Agent 365 tooling gateway, a generally available Defender for Cloud + GitHub Advanced Security integration, and a new Microsoft Purview demo for running data security investigations with AI-assisted analysis.

Microsoft Threat Intelligence and Microsoft Defender Security Research Team summarizes Q1 2026 email threat trends, including the scale of phishing, the surge in QR code and CAPTCHA-gated campaigns, and how the Tycoon2FA disruption shifted attacker infrastructure. It also lists concrete Defender/EOP mitigations and relevant detections.

Microsoft Fabric Blog summarizes the April 2026 Fabric release, covering platform UX updates, VS Code-based workspace and notebook workflows, notebook retry policies, MLflow-based MLOps improvements, Data Warehouse enhancements like COPY INTO for JSONL, and Real-Time Intelligence updates including Eventstream observability and Eventhouse remote MCP.

McKenna Barlow explains that starting in .NET 11 Preview 4 and Visual Studio 18.8, VSTest will stop shipping a transitive Newtonsoft.Json dependency, switching to System.Text.Json (and JSONite on .NET Framework). The post outlines who might break, what errors to expect, and the typical one-line fix.

Jack Batzner shows how to add a governance layer to MCP-based AI agents in .NET using the Agent Governance Toolkit, including policy-driven tool-call authorization, security scanning of tool definitions, response sanitization to reduce prompt-injection risk, and built-in audit/telemetry via OpenTelemetry.

Sergey Menshykh announces A2A Protocol v1.0 support in Microsoft Agent Framework for .NET, showing how to discover and call remote A2A agents, stream responses, and host your own agents as A2A endpoints in ASP.NET Core with updated v1 hosting APIs and migration notes from v0.3.

Alexis Wales explains how GitHub validated, fixed, and investigated a critical remote code execution issue in the git push pipeline, including what caused the injection, how GitHub confirmed no exploitation on github.com, and what GitHub Enterprise Server admins should patch and review.

Microsoft Defender Security Research Team explains how Microsoft Sentinel UEBA enriches AWS CloudTrail logs with simple true/false behavioral signals and built-in anomalies, helping detection engineers write simpler KQL, reduce false positives, and triage suspicious AWS activity faster.

Vlad Fedorov shares what GitHub is changing after two recent availability incidents, including scaling work driven by rapid growth in pull requests and API usage, plus concrete reliability efforts like service isolation, caching improvements, and continued migration to Azure and a future multi-cloud posture.

stclarke announces that Azure Local can now scale to thousands of servers in a single sovereign environment, aimed at regulated and mission-critical workloads. The post highlights disconnected operations, local policy/RBAC/auditing controls, and hardware options (validated compute/storage, GPUs) for running data-intensive workloads within a sovereign boundary.

Allison announces an upcoming change to GitHub App installation token format, including Actions-issued GITHUB_TOKEN. The update moves to a longer, stateless JWT-based token and calls out common breakpoints like hardcoded token-length checks, regex validation, and too-small database columns.

Josef Sin explains what the Axios npm supply chain compromise means for Azure Pipelines users, who is and isn’t impacted, and what to do if your CI/CD runs may have installed the malicious versions—covering agent types, service connections, cache cleanup, and practical mitigation steps.

Naomi Moneypenny announces GPT-5.5 general availability in Microsoft Foundry and explains what’s new (agentic coding, long-context reasoning, token efficiency) plus how Foundry Agent Service helps run hosted agents with isolation, Entra identity, and governance for production use.

Allison announces an improvement to GitHub’s supply chain security tooling: Python dependency graphs can now be generated via a new Dependabot job that submits dependency snapshots to the Dependency Submission API, producing more complete transitive dependency trees and SBOMs across pip, uv, and Poetry projects.

Eduard van Valkenburg explains how CodeAct support in Microsoft Agent Framework uses Hyperlight micro-VM sandboxes to collapse multi-step tool-calling plans into a single execute_code turn, reducing latency and token usage, and outlines when this approach is (and isn’t) a good fit.

Microsoft Fabric Blog announces a preview feature for OneLake: resource instance rules, which let Fabric workspace admins allow inbound access from specific Azure resource identities (ARM IDs) instead of relying on IP allowlists, while still working alongside Private Link and IP firewall rules.

Microsoft Fabric Blog announces general availability of cross-workspace logging for MLflow in Microsoft Fabric, enabling teams to promote experiments and registered models across Dev/Test/Prod workspaces using standard MLflow APIs, with support for enterprise network controls like Outbound Access Protection and managed private endpoints.

Linda Li, Maria Naggaga, and Ronak Chokshi introduce Toolboxes in Azure AI Foundry (public preview), a way to centrally curate and govern tool integrations and expose them via a single MCP-compatible endpoint so different agent runtimes can reuse the same tools without per-agent wiring.

Takuto Higuchi and jeffhollan outline an end-to-end path for building production AI agents with Microsoft Agent Framework v1.0 and Azure AI Foundry: local dev in VS Code, multi-agent composition, managed memory, tool access, hosted runtime, and observability (tracing, evaluations, red teaming) through to publishing in Teams/Microsoft 365.