Microsoft is accelerating its quantum-safe security timeline, saying advances in quantum computing and new federal requirements have pushed post-quantum cryptography from a future planning issue into an immediate engineering priority.
Microsoft has disrupted a large malicious browser extension campaign that used hidden payloads, delayed execution and disposable developer accounts to evade detection while targeting users with ad fraud, credential theft and remote code execution capabilities.
Microsoft on Wednesday said it has disrupted infrastructure tied to StealC and Amadey, two widely used cybercrime tools that the company says have become part of a broader malware supply chain used to steal credentials, support fraud and enable ransomware attacks.
Air gapped backups can still fail when configuration drift, lost encryption keys and routine human mistakes go unnoticed until recovery is needed.
A new phishing campaign is targeting banks and other high-value organizations with Phantom Stealer, a commercially available infostealer that runs in memory to avoid traditional detection, according to new research from Fortra.
Air gapped backups can provide critical ransomware resilience, but restore testing gaps, documentation drift and media rotation mistakes can leave organizations unsure whether they can actually recover.
Microsoft on Tuesday announced the general availability of Copilot Cowork, moving one of its major agentic AI tools out of preview and into broader enterprise use.
Microsoft's June Patch Tuesday release is one of the largest in company history, but the bigger concern for enterprise IT teams is the handful of zero-days already known to attackers and researchers.
GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a supply chain attack aimed at developer workstations and AI coding environments.
Microsoft MVP Derek Melber explains why real AD knowledge depends on understanding how Group Policy, replication and DNS behave in production.
A coding error in several Microsoft 365 Android apps could have allowed a malicious app on the same device to silently obtain account tokens and act as the signed-in user, according to new research from Enclave.
President Donald Trump signed a new executive order Tuesday that aims to keep the United States ahead in AI while giving the federal government a limited role in reviewing the security risks tied to the most advanced models.
Microsoft used Build 2026 to position Windows as a platform for building and running AI agents, expanding its developer focus beyond AI-assisted apps and into agents that can act across local devices, cloud environments and enterprise systems.
The FBI is warning orgs about Kali365, a phishing-as-a-service kit that can help attackers get around multifactor authentication protections in Microsoft 365 environments by stealing access tokens instead of passwords.
Microsoft has disrupted a cybercrime service that allegedly helped ransomware operators and other attackers make malware appear as verified software, the company said last week.
Microsoft released RAMPART and Clarity as open-source projects intended to help developers test AI agents earlier in the software lifecycle and turn red-team findings into repeatable engineering checks.
More than half of small and midsize businesses rank cybersecurity and data protection among their top priorities, with many planning to increase security spending as AI adoption adds new risks, according to a new IDC survey commissioned by Sage.
A new agentic AI security multi-model defense system built by Microsoft's Autonomous Code Security team helped researchers find 16 new vulnerabilities across the Windows networking and authentication stack.
Microsoft's May Patch Tuesday release broke a long zero-day streak, arriving without any vulnerabilities listed as exploited or publicly disclosed.
TechMentor speaker Heather Wilde Renze says LLMs can help security teams move faster, but data boundaries, review loops and access controls need to come first.