Microsoft is hitting the brakes on its aggressive Copilot push in Windows 11, promising a sweeping quality overhaul that puts performance and reliability ahead of AI feature expansion .
AI adoption is forcing companies to trade security for speed -- and identity controls are the first casualty.
The Cybersecurity and Infrastructure Security Agency is urging U.S. organizations to strengthen security around Microsoft Intune and other endpoint management platforms after a cyberattack on medical technology giant Stryker Corp. disrupted operations and contributed to surgery delays at hospitals nationwide.
As geopolitical tensions escalate and nation-state cyberattacks increase, organizations must adopt an "assume breach" mindset and strengthen disaster recovery planning -- including preparing for physical threats to cloud infrastructure.
- By Joey D'Antoni
- 03/16/2026
Microsoft rolled out a trio of AI updates this week, spanning Microsoft 365 Copilot, Security Copilot and Microsoft Foundry.
Hackers are shifting their focus from "breaking in" to "logging in," according to the inaugural Cloudflare Threat Report, released in early March.
Microsoft's March 2026 Patch Tuesday includes fixes for 83 vulnerabilities affecting Windows, Office, SQL Server, Azure and .NET.
Security researchers are tracking two separate GitHub-related threat campaigns that use the platform's infrastructure in different ways -- one to deliver vishing lures through legitimate GitHub notifications, and another to push Windows users toward malware-infected downloads hosted through deceptive GitHub Pages and repositories.
Microsoft's Defender Security Research Team has identified a series of phishing campaigns in which an unknown attacker used digitally signed malware masked as common workplace applications to deploy remote monitoring and management tools as persistent backdoors on targeted systems.
Microsoft this week moved forward on two parallel tracks of its Windows strategy, releasing a new Windows 11 Beta Channel preview while unveiling an enterprise-focused 5G laptop management partnership with Ericsson aimed at simplifying connectivity oversight for IT departments.
Microsoft's February Patch Tuesday release addresses 58 vulnerabilities across Windows, Office and several other products, with six zero-day flaws highlighting the monthly release.
Microsoft's Defender Security Research Team has observed threat actors actively exploiting internet-exposed SolarWinds Web Help Desk instances in multi-stage intrusions that led to lateral movement toward high-value assets within targeted organizations.
Microsoft is adding security warning messages in Teams for organizations using default configurations, a move the company says is part of its Secure By Default initiative and aimed at increasing user awareness of potentially risky files and links without changing existing enforcement policies.
Microsoft announced a leadership shake-up Wednesday that will see Hayete Gallot return to the company as executive vice president of security, replacing Charlie Bell, who is shifting into a new role focused on Microsoft’s Quality Excellence Initiative.
Microsoft issued an out-of-band security update on Jan. 26 to address CVE-2026-21509, a Microsoft Office vulnerability the company said was being actively exploited at the time of disclosure.
The 2026 Cloud Security Report from Fortinet finds cloud security teams are less concerned about whether cloud platforms can be secured and more focused on whether their defenses can keep pace with the speed of change.
A recent Exchange Online disruption tied to Microsoft network changes underscores how deeply businesses still rely on email -- and how few practical options organizations have to protect critical workflows when cloud services fail.
- By Joey D'Antoni
- 01/28/2026
Ransomware attacks continued to climb in 2025 as attackers increasingly timed operations around year-end staffing gaps and shifted away from traditional file encryption.
Microsoft released an out-of-band update Friday to resolve credential authentication failures affecting Azure Virtual Desktop and Windows 365 connections that emerged after the company's January 2026 security update.
Microsoft released a pair of security and compliance updates this week designed to help IT administrators strengthen protections across Microsoft 365 Apps for enterprise and simplify app governance in Teams.