News
-
GPT-5 Launches in Azure AI Foundry: New Era for AI Apps, Agents, and Developers
Steve Sweetman announces the general availability of GPT-5 in Azure AI Foundry, detailing its rollout to developers via GitHub Copilot and VS Code, enhanced reasoning, orchestration features, and robust security and governance layers for enterprise AI adoption.
-
Announcing Public Preview of the Phishing Triage Agent in Microsoft Defender
Cristina Da Gama Henriquez announces the public preview of the Phishing Triage Agent in Microsoft Defender, highlighting its AI-powered, autonomous phishing detection capabilities for SOC teams.
-
Microsoft Bounty Program Year in Review: $17 Million Awarded to Security Researchers
stclarke presents a comprehensive year-in-review of the Microsoft Bounty Program, showcasing $17 million in rewards, the impact of security research collaborations, and updates to Microsoft’s vulnerability reward initiatives.
-
Practical Guidance: Launching Microsoft Secure Future Initiative Patterns and Practices
In this post, stclarke introduces the Microsoft Secure Future Initiative (SFI) patterns and practices—a library of practical security solutions aimed at helping organizations enhance security at scale, informed by Microsoft’s operational experiences.
-
5 Copilot Chat Prompts .NET Developers Should Use Now
In this blog, Wendy Breiding presents five practical GitHub Copilot Chat prompts specifically designed to help .NET developers boost productivity, code quality, and security when working on Microsoft technologies.
-
Project Ire: Autonomous AI Agent for Large-Scale Malware Detection and Classification
Written by stclarke, this post presents Project Ire, Microsoft’s new autonomous AI agent built for large-scale malware detection by reverse engineering and classifying threats. The article addresses technical foundations, system accuracy, and its impact on cybersecurity operations.
-
General Availability of Network Security Perimeter for Azure Monitor
Mahesh Sundaram announces the general availability of Network Security Perimeter for Azure Monitor, explaining its benefits for securing Azure monitoring data through enhanced network isolation and access controls.
-
Azure API Management Adds MCP Support in v2 SKUs and External Server Integration
anishta reports on key Azure API Management updates, including public preview MCP support in v2 SKUs and streamlined governance for external MCP-compliant servers, helping organizations connect APIs and AI agents securely.
-
Elevate Your Protection with Expanded Microsoft Defender Experts Coverage
Authored by Henry Yan and Sylvie Liu, this post introduces new 24/7, expert-driven protections from Microsoft Defender Experts for protecting cloud workloads, including support for multicloud environments.
-
What’s New in Copilot Studio: July 2025 Feature Roundup
In this comprehensive roundup, stclarke highlights major new capabilities added to Microsoft Copilot Studio in July 2025, focusing on AI-powered agent creation, secure data integration, and robust analytics and admin improvements for enterprise users.
-
General Availability of Azure Monitor Auxiliary Logs, New Features, and Price Reduction
AdiBiran outlines Azure Monitor Auxiliary Logs’ general availability, new features, and lower pricing, highlighting enhancements in querying, data transformations, and large-scale log management for Microsoft customers.
-
What’s New in Fabric Warehouse – July 2025: AI, Performance, and Modern Data Engineering
This comprehensive recap from the Microsoft Fabric Blog details July 2025’s new features and enhancements for Fabric Warehouse, including AI integration, security, performance improvements, and developer tools, making it relevant for data engineers and architects.
-
Automate Open-Source Dependency Scanning in Azure DevOps with Advanced Security
Laura Jiang explores automating open-source dependency scanning in Azure DevOps with GitHub Advanced Security, focusing on setup, integration, and how results are surfaced for developers.
-
What’s New in Azure AI Foundry: July 2025 Releases and Updates
Authored by Nick Brady, this post highlights the July 2025 updates to Azure AI Foundry, including Deep Research Agent, GPT-image-1 model improvements, agent tools, and platform and security features for advanced AI development.
-
The new Dependabot NuGet updater: 65% faster with native .NET
Jamie Magee and Brett Forsgren share how Dependabot’s revamped NuGet updater uses .NET’s own tooling to bring faster, more reliable, and more secure dependency updates to developers.
-
Microsoft Entra Suite Delivers 131% ROI Through Unified Identity and Network Access
Irina Nechaeva reports on a Forrester study showing that organizations using Microsoft Entra Suite achieved a 131% ROI by improving identity and network access security.
-
Fabric Platform Ends Support for TLS 1.1 and Earlier
Microsoft Fabric Blog announces the end of support for TLS 1.1 and earlier on the Fabric platform. Authors provide key migration steps and security implications for organizations relying on Fabric integrations.
-
Russian Threat Actor Secret Blizzard's AiTM Campaign Targets Diplomats with ApolloShadow Malware
stclarke presents an in-depth look at Microsoft’s findings on the Russian state actor Secret Blizzard’s AiTM attack on diplomats in Moscow, revealing their use of ApolloShadow malware, attack flow, and practical security recommendations.
-
Modernize Your Identity Defense with Microsoft Identity Threat Detection and Response
Eric Sachs and Yaron Paryanty discuss Microsoft’s integrated approach to identity threat detection and response, providing actionable insights for strengthening identity security.
-
Experience the New Visual SQL Audit Logs Configuration in Fabric Warehouse
Microsoft Fabric Blog introduces a new visual experience for configuring SQL Audit Logs in Fabric Data Warehouse, detailing improved audit management and compliance flexibility for data professionals.
-
Azure SDK Release Highlights and Updates for July 2025
Ronnie Geraghty summarizes the key updates in the July 2025 Azure SDK release, detailing new features, bug fixes, stable and beta releases for languages like Python, .NET, and more.
-
A Practical Guide to Using the GitHub MCP Server for Automated AI Workflows
Andrea Griffiths explores the migration from a local MCP Docker image to GitHub’s managed MCP server, streamlining authentication, automation, and security-focused AI workflows with GitHub Copilot integration.
-
Fabric July 2025 Feature Summary
This article by Microsoft Fabric Blog offers a comprehensive summary of July 2025’s new features in Microsoft Fabric, authored by Patrick LeBlanc. Key updates span data science, governance, Power BI, data connectors, and AI-driven integrations with Copilot Studio.
-
Spotlight-based macOS TCC Vulnerability CVE-2025-31199: Analysis by Microsoft Threat Intelligence
In this technical breakdown by Microsoft Threat Intelligence, authors Jonathan Bar Or, Alexia Wilson, and Christine Fossaceca uncover and analyze the new macOS Spotlight-based TCC vulnerability, CVE-2025-31199, and discuss its security and remediation implications.
-
How to Build Secure and Scalable Remote MCP Servers
Authored by Den Delimarsky, this article offers a thorough walkthrough for developers on building secure, scalable MCP servers. It focuses on robust security, authorization, secrets management, and architectural practices needed to safely enable AI agent connectivity and operations.
-
How to Streamline GitHub API Calls in Azure Pipelines Using a Custom DevOps Extension
Written by Tiago Pascoal, this post details how to build a custom Azure DevOps extension for secure, efficient, and centralized authentication with GitHub APIs from Azure Pipelines, streamlining automation and improving security controls.
-
We Need a European Sovereign Tech Fund to Sustain Open Source Software
Authored by Felix Reda, this article calls for greater public investment in open source software through a proposed European Sovereign Tech Fund, highlighting GitHub’s policy efforts and recommendations to address the critical funding challenges facing OSS maintainers.
-
MCP C# SDK Updated: Protocol 2025-06-18 Brings Elicitation, Structured Output, and Enhanced Security
In this post, Mike Kistler presents the major update for the MCP C# SDK, introducing support for protocol version 2025-06-18. The release offers .NET developers new features such as elicitation, structured tool output, enhanced authentication, resource links, and schema improvements for AI application development.
-
Mitigating Active Exploitation of On-Premises SharePoint Vulnerabilities
Microsoft Threat Intelligence reports on recent attacks exploiting SharePoint vulnerabilities, with actionable defense steps for organizations. This summary highlights author guidance for defenders and SharePoint administrators facing these advanced threats.
-
Microsoft Sentinel Data Lake: Unifying Security Signals and Driving AI Adoption
Scott Woodgate and Krishna Kumar Parthasarathy introduce a new data lake for Microsoft Sentinel, enhancing unified security data management, AI-driven insights, and affordability for security teams.
-
Microsoft at Black Hat USA 2025: A Unified Approach to Modern Cyber Defense
In this announcement, author Elliot Volkman shares Microsoft’s plans for Black Hat USA 2025, focusing on AI-driven, unified security solutions. Learn what to expect and how to connect with Microsoft at this major cybersecurity event.
-
Microsoft Defender for Office 365: Transparent Benchmarks on Email Security Effectiveness
Ramya Chitrakar and Scott Woodgate present Microsoft’s latest efforts to make email security performance more transparent, including dashboards and benchmarking reports for Defender for Office 365 and comparisons with other security vendors.
-
Microsoft Azure AI Foundry Models and Security Copilot Achieve ISO/IEC 42001:2023 Certification
In this post, Molly Bostic announces Microsoft’s ISO/IEC 42001:2023 certification for Azure AI Foundry Models and Microsoft Security Copilot, detailing the implications for responsible AI, security, and compliance efforts.
-
Microsoft Named a Leader in Gartner's 2025 Magic Quadrant for Endpoint Protection
Rob Lefferts shares Microsoft’s achievement as a Leader in the 2025 Gartner Magic Quadrant for Endpoint Protection Platforms, recognizing Defender for Endpoint’s effectiveness against advanced cyberthreats.
-
How to Catch GitHub Actions Workflow Injections Before Attackers Do
In this article, Dylan Birtolo addresses strategies for detecting and mitigating GitHub Actions workflow injections, offering practical guidance on boosting repository security.
-
Configure internet access for Copilot coding agent
In this article, Allison discusses new updates to GitHub Copilot, specifically focusing on changes to its internet access during the public preview phase. The updates aim to better protect user data and address potential security concerns, offering developers a safer and more secure experience while using Copilot.
-
Databricks Runs Best on Azure: Performance, Integration, and AI Synergy
In this post, Jason Pereira and Anavi Nahar outline how Azure Databricks delivers a streamlined, high-performance environment for analytics and AI, leveraging tight integration with the Microsoft ecosystem.
-
Security Copilot capabilities in Microsoft Intune and Entra now generally available
In this article, author stclarke discusses the general availability of Security Copilot capabilities within Microsoft Intune and Microsoft Entra. The announcement highlights how these integrations bring enhanced AI-driven security automation, streamlined threat management, and compliance capabilities directly into Microsoft’s security and management platforms.
-
Microsoft Expands Zero Trust Workshop: Network, Infrastructure, and SecOps Now Included
In this article, Rob Lefferts explains Microsoft’s expanded Zero Trust workshop, now featuring guidance on network, infrastructure, and SecOps pillars to help organizations enhance their security posture and operational workflows.
-
July Patches for Azure DevOps Server Now Available
Authored by Gloridel Morales, this post announces July patches for Azure DevOps Server, highlighting key fixes and steps for users to ensure secure and updated deployments.
-
.NET and .NET Framework July 2025 Servicing Releases Updates
Authored by Tara Overfield and Victor Israel-Bolarinwa, this article outlines the latest servicing updates released for .NET and .NET Framework in July 2025.
-
Weekly AI & Tech News Roundup: July 1–8, 2025
Here’s your roundup of the most significant news and updates in AI, technology, and developer tools from July 1 to July 8, 2025.
-
New e-book teaches how to build an AI-powered security operations center
In this article, stclarke discusses the release of a new e-book that serves as a comprehensive guide for building an AI-powered security operations center (SOC).
-
Automating Secure and Scalable AI Deployments on Azure with HashiCorp
Written by cindywang and davidwright, this article delves into automating secure and scalable AI deployments using HashiCorp and Azure, highlighting infrastructure-as-code, security, and operational best practices.
-
Join Us for MCP Dev Days – July 29-30: Deep Dive into the Model Context Protocol
Authored by Katie Savage and Marc Baiza, this post introduces MCP Dev Days, a Microsoft event dedicated to the Model Context Protocol (MCP), offering deep technical content, hands-on sessions, and real-world demos across major development tools.
-
Jasper Sleet - North Korean remote IT workers’ evolving tactics to infiltrate organizations
In this article, stclarke discusses the latest strategies employed by North Korean remote IT workers aiming to infiltrate organizations globally.
-
Building Secure, Scalable Generative AI in the Cloud with Microsoft Azure
Maria Bledsoe discusses Forrester Research findings on how Microsoft Azure enables enterprises to securely and efficiently scale generative AI, highlighting the platform’s security, compliance, and data management capabilities.
-
Removing Azure Resource Manager Reliance on Azure DevOps Sign-ins
Angel Wong announces important authentication updates for Azure DevOps, moving away from Azure Resource Manager dependence for Entra sign-ins. This guide helps administrators prepare for the coming changes in Conditional Access requirements.
-
IDC Study: 306% ROI in 3 Years Migrating Ubuntu Linux Workloads to Microsoft Azure
Omar Khan reviews IDC’s findings on the impact of running Ubuntu workloads on Microsoft Azure, detailing ROI, cost savings, and productivity.
-
Announcing General Availability of GitHub Copilot for Azure—Now with Agent Mode
Yun Jung Choi introduces the general availability of GitHub Copilot for Azure, highlighting its new Agent Mode that transforms DevOps workflows with integrated AI, enhanced security, and rich Azure support.
-
Maximize Your ROI for Azure OpenAI: Pricing, Deployment, and Cost Optimization Strategies
In this article, Steve Sweetman explores maximizing returns with Azure OpenAI by reviewing flexible pricing, deployment types, cost-saving features, and integration across the Azure AI ecosystem.
-
Securely Turbo‑Charge Software Delivery with Codex Coding Agent on Azure OpenAI
In this detailed guide, Govind Kamtamneni explains how to run the Codex Coding Agent securely on Azure OpenAI. He covers setup, enterprise security benefits, automation via GitHub Actions, and troubleshooting tips.
-
Security and Trust in Visual Studio Marketplace: Safeguarding Extensions for Developers
Authored by Sean, this article delivers a comprehensive overview of efforts to ensure extension security and developer trust in the Visual Studio Marketplace, outlining both current safeguards and planned investments.
-
June Patches Released for Azure DevOps Server 2022.2: Improvements & Important Updates
Gloridel Morales announces the June patches for Azure DevOps Server 2022.2, highlighting Test Plans enhancements and addressing an ongoing issue with Patch 6, along with installation recommendations and verification steps.
-
Restricting PAT Creation in Azure DevOps Preview: New Granular Controls for Administrators
Written by Angel Wong, this article explores the new preview policy in Azure DevOps to restrict personal access token creation. It details how organizations can reduce PAT usage and strengthen their security measures.
-
Microsoft and LangChain: Advancing AI Security for Open Source on Azure
Authored by Marlene Mhangami, this article examines Microsoft’s partnership with LangChain to bolster AI security for open-source developers on Azure. The collaboration addresses integration risks while ensuring enterprises can safely accelerate innovation in the AI landscape.
-
Azure SDK Release Highlights and Notes for May 2025
Written by Ronnie Geraghty, this overview summarizes the Azure SDK May 2025 release, detailing new features, stable and beta libraries for multiple programming languages, and links to comprehensive release notes.
-
GitHub Secret Protection and Code Security Now Available for Azure DevOps
Laura Jiang introduces the new standalone GitHub Secret Protection and GitHub Code Security products for Azure DevOps, highlighting their features, pricing structure, and steps for implementation within organizations.
-
Connect Once, Integrate Anywhere: Model Context Protocol (MCP) for AI Integration
In this article, Maria Naggaga details the Model Context Protocol (MCP), outlining its impact on AI integration and developer productivity, with insights on leveraging GitHub Copilot, Visual Studio, Azure API Management, and robust security practices.
-
Azure MCP Server – May 2025 Release: New Integrations and Features
Rohit Ganguly presents the May 2025 release of Azure MCP Server, focusing on new service integrations, improved documentation, and tools for developers, including collaboration with GitHub Copilot for Azure.
-
Azure Toolkit for IntelliJ Brings Enhanced Java Code Quality Analyzer for Azure SDK Development
Sameeksha Vaity details the latest enhancements to the Azure Toolkit for IntelliJ, highlighting a powerful Java Code Quality Analyzer aimed at improving code quality, security, and performance for developers working with the Azure SDK.
-
PowerShell, OpenSSH, and DSC Team Investments for 2025: Security, Integrations, and Community Priorities
Steve Lee shares an in-depth look at the planned investments for PowerShell, OpenSSH, and Desired State Configuration (DSC) in 2025, emphasizing security, community input, and modernization across Microsoft’s open tooling ecosystem.
-
Introducing Spring Cloud Azure Starter Key Vault JCA for Streamlined TLS and mTLS in Spring Boot
Moary Chen introduces the Spring Cloud Azure Starter Key Vault JCA, showing how to streamline TLS and mTLS for Spring Boot using Azure Key Vault for secure certificate management.
-
Azure Developer CLI (azd) – March 2025 Release: New Features, Bug Fixes, and Updated Templates
Authored by Kristen Womack, this news post details the March 2025 Azure Developer CLI (azd) release, covering notable new features, bug fixes, contributions on templates, and enhanced support for AI and Azure services.
-
Finding Leaked Passwords with AI: Building GitHub Copilot Secret Scanning
Authored by Ashwin Mohan, this post delves into the creation and refinement of GitHub Copilot secret scanning, highlighting the AI-powered approach to detecting passwords and managing security alerts for developers and security teams.
-
Common Annotated Security Keys: Enhancing Token Format Security with CASK at Microsoft and GitHub
In this article, Michael C. Fanning details how GitHub and Microsoft are advancing secure secret management through the Common Annotated Security Standard (CASK), outlining its technical features and its role in strengthening engineering and DevOps security.
-
Security Update: Changes to URI Expiry Time in Azure Notification Hubs
Authored by Sreehari R, this update details upcoming changes to Azure Notification Hubs’ URI expiry policy, focusing on improved security and guidance for users.