Browse All Security Content (581)

Lee Stott explains the Model Context Protocol (MCP) and why it’s becoming a practical standard for connecting LLM apps to tools and data. The post highlights recent updates to Microsoft’s MCP for Beginners curriculum, including spec alignment, validated SDK samples, and a security-focused refresh with concrete fixes and audits.

Jesse Sullivan explains how the PostgreSQL extension for Visual Studio Code tightens the workflow for running Azure Database for PostgreSQL, bringing metrics, Azure Advisor recommendations, query plan tooling, and AI-assisted query analysis into the editor so teams can diagnose and tune performance without constantly switching tools.

Sandeep Sen and Kristen Womack share the May/June 2026 Azure Developer CLI (azd) roundup, covering new commands like azd tool and azd exec, safer provisioning with azure.yaml dependsOn, improvements to extensions and prompts, and a long list of fixes across deployments, pipelines, and authentication.

antonfr explains how Microsoft Fabric’s built-in data protection features—powered by Microsoft Purview—help teams make data “AI-ready” by classifying sensitive content, enforcing least-privilege access, applying persistent protection, and improving observability so Copilot and agent experiences don’t amplify oversharing risks.

Microsoft Defender Security Research Team breaks down a multi-stage intrusion campaign targeting hospitality organizations, using photo-themed ZIPs and fake image LNK files to launch obfuscated PowerShell, deploy a Node.js implant, and maintain persistence via dual registry keys, along with Defender detections, hunting queries, and mitigation guidance.

Allison announces a public preview update that lets enterprises restrict which marketplaces GitHub Copilot CLI and VS Code can install plugins from, using the strictKnownMarketplaces setting in enterprise-managed settings.json to reduce the risk of untrusted plugins.

goupadhy announces the June 2026 on-premises data gateway release (v3000.322) for Microsoft Fabric/Power BI, highlighting a move to Windows Web Account Manager (WAM) authentication, an updated Log4j dependency, and new consent-driven diagnostic upload capabilities integrated into the Dataflow Gen2 run experience.

RajyaLaxmiYellajosyula announces the Oracle AI Database@Azure AI adoption playbook and outlines the main blueprint patterns for building AI experiences on Oracle data using Microsoft services, with a strong emphasis on security, governance, and regulated-industry requirements.

Poonam Gupta shares how Microsoft is reshaping the software development lifecycle with an internal “agentic platform”, using GitHub Copilot, Azure SRE Agent, and specialized agents to reduce toil across planning, code review, security remediation, operations, and modernization—along with measurable results from large-scale adoption inside Microsoft.

Allison announces a new npm safeguard for high-impact accounts: when npm detects sensitive account changes (like email updates or 2FA recovery code use), it temporarily restricts risky actions for 72 hours to reduce account-takeover and supply chain attack impact.

ssaroiu explains how Microsoft built a production-oriented Rowhammer defense into the Azure Cobalt 200 SoC, focusing on practical cloud-scale constraints like performance overhead, configurability across DRAM quality, and operating the protection safely with privacy-preserving telemetry in confidential computing environments.

Priyanka Vergadia hosts David Sanchez to demo “agentic DevOps” using GitHub and Azure, showing how AI and GitHub Copilot can support planning, coding, reviews, CI/CD, testing, security checks, and monitoring across an end-to-end delivery pipeline.

Hidde de Smet explains how MCP’s Enterprise-Managed Authorization changes MCP authentication from per-server OAuth consent to policy-driven sign-in via an identity provider, with VS Code 1.123 preview support for Entra ID, Okta, and Auth0 and governance controls that pair with GitHub Copilot’s MCP registry policies.

VikasBhatia summarizes how Azure Confidential Computing is maturing for sovereign and regulated workloads, highlighting recent GA and preview milestones across confidential VMs, hardware-rooted security, key protection, and operational capabilities like confidential live migration, plus how these controls fit into broader governance and compliance requirements.

Lily Ma summarizes what has shipped in the Azure Functions MCP extension since preview, including resource and prompt triggers, MCP Apps for interactive UI, built-in MCP authentication with Microsoft Entra ID, and new .NET fluent configuration APIs for schemas, metadata, and rich content responses.

bexelbie explains what the Microsoft UEFI CA 2011 expiration in June 2026 means for Linux systems using UEFI Secure Boot, why expiration isn’t the same as revocation, and what can actually cause boot failures when vendors move to 2023-only signed shims.

Rohan Malpani explains how AI features in Visual Studio and VS Code can help teams ship safer, more accessible code by combining reusable “skills” with agent-based workflows that fit real development practices.

Microsoft Security Team summarizes how CNAPP is shifting from posture visibility to context-aware risk reduction, and explains how Microsoft Defender for Cloud fits into the “code-to-cloud-to-SOC” model by correlating identity, data, runtime, and cloud signals to prioritize exploitable attack paths.

analyticanna rounds up the Microsoft SQL updates shipped in the first half of 2026 across Azure SQL, SQL Server, and SQL database in Microsoft Fabric, with links to each GA/Preview announcement. Highlights include T-SQL regex features, Entra-based logins, TDE improvements, embeddings support, and new tooling in SSMS and VS Code (including GitHub Copilot features).

Allison announces new GitHub Enterprise “break-glass” incident response capabilities that let enterprise owners (and permitted members) bulk revoke or delete user credentials and SSO authorizations, plus a self-service experience for enterprise members to revoke their own credentials from Settings.

John Savill gives a quick walkthrough of Microsoft’s Security Adoption Model resource, explaining how it’s structured and how to use it to plan and track a security adoption journey.

vzisiadis walks through how to put Azure API Management (APIM) in front of MCP servers to handle authentication and authorization, from basic Entra ID token validation to interactive OAuth sign-in from VS Code, app-role based access control, and governing external MCP servers like GitHub via passthrough and tool-level blocking.

Microsoft Threat Intelligence, the Microsoft Defender Security Research Team, and the Microsoft Digital Crimes Unit break down how the StealC infostealer and Amadey loader operate, how stolen credentials get monetized, and what defenders can do to reduce risk using Microsoft Defender protections and hardening guidance.

Thomas Maurer explains what Azure Local Small Form Factor (SFF) is and why it matters for edge scenarios, then outlines an end-to-end deployment flow: provisioning a device as an Azure resource, installing the Azure Local OS, registering it with Azure Arc, and running container workloads with Docker and K3s.

Allison announces an update to GitHub secret scanning: detections for Replicate secrets now include extended metadata to provide more context when a Replicate API token is found in a repository.

jordanselig explains why most Model Context Protocol (MCP) servers are being deployed without real authentication, then walks through a defense-in-depth reference architecture on Azure App Service using Entra ID OAuth, managed identity, Key Vault, private networking, API Management, and monitoring to reduce common MCP attack paths.

Allison announces a public preview of new GitHub REST API endpoints for retrieving GitHub Code Quality (CodeQL) findings at the repository level, enabling integrations that can query findings programmatically and support remediation workflows.

DevClass reports on Vercel’s Ship event announcements, focusing on the new open source eve agent framework and enterprise controls like Passport for bringing AI-built apps and agents under centralized identity and policy, including OpenID Connect support for providers such as Okta and Microsoft Entra ID.

sunil_sabat explains how Microsoft Fabric Data Factory supports multi-cloud data integration and orchestration across platforms like Snowflake, Databricks, Google BigQuery, and Salesforce, and how OneLake features (Shortcuts, mirroring) and Purview lineage help teams build governed, production-ready analytics and AI data flows.

Allison announces an update that lets Dependabot read from private GitHub-hosted package registries using the built-in GITHUB_TOKEN, removing the need for personal access tokens when the package grants Actions access to the repository.

Allison announces that Dependabot has dropped support for Python 3.9 due to end-of-life status, and explains the practical impact: Dependabot may stop opening pull requests for dependency updates if your setup still relies on Python 3.9.

Justin Bettencourt rounds up the May 2026 Azure SDK releases, including GA for the Azure SDK for Rust and the .NET Azure Batch client library, plus new Azure AI Search knowledge-base retrieval features and preview Azure AI Agent Server hosting libraries across .NET, Python, and JavaScript.

Natalie Isak and Sarah Cooley explain how “AI memory” changes the threat model for assistants and agents, enabling delayed, cross-session attacks like adversarial memory poisoning. They outline Microsoft’s defense-in-depth approach for Microsoft 365 Copilot, including write-time sanitization, policy-governed storage, and auditability for SOC investigations.

Microsoft Incident Response (DART) breaks down a ransomware investigation where two unrelated threat actors operated in parallel inside the same environment, blending tactics and obscuring attribution. The post highlights the intrusion chain, evasion and persistence techniques observed, and practical defensive priorities around patching, identity protection, and centralized telemetry.

DevClass reports on upcoming npm 12 default changes that stop install-time scripts from running automatically, aiming to reduce a major supply-chain attack surface on developer machines and CI runners. The piece explains the new flags, breaking-change impact, and how teams can prepare using npm 11.x settings.

Eric van Wijk announces the deprecation and planned retirement of the Azure DevOps OIDC issuer used by Workload Identity Federation (WIF) service connections, and explains what Azure Pipelines users need to do to move existing connections to the Microsoft Entra issuer before the 2027 deadline.

DevClass reports on Checkmarx survey findings that many developers believe AI-generated code contains more vulnerabilities, yet some still ship it to production. The piece connects AI-assisted development, open source supply-chain risk, and security process gaps to higher breach frequency.

Thomas Maurer explains Azure Local Simplified Machine Provisioning, a new workflow for provisioning physical Azure Local nodes with minimal on-site work while keeping configuration and control centralized in Azure.

This week in Security, AI agents and MCP-based tooling ran into familiar trust-boundary problems, especially when browser-like agents can be pushed from untrusted web content into localhost services and privileged tools. Microsoft Defender Security Research unpacked AutoJack, showing how a single page can drive an agent into an MCP WebSocket path that ends in host-side code execution, reinforcing the need for explicit mediation, authentication, and monitoring even on loopback. On the control side, teams shared concrete governance patterns like placing Azure API Management in front of MCP servers to enforce tool visibility, logging, and rate limits, alongside deterministic agent workflows in the ARM MCP Server that make infrastructure changes reviewable and repeatable. Rounding it out, enterprise reinforcement learning guidance emphasized that training loops need production-grade isolation too, using sandboxed environments and clear evaluation gates to keep experimentation contained.

devanshirastogi explains upcoming changes to Azure Firewall explicit proxy and provides a migration walkthrough for PAC file–based setups, including moving PAC retrieval to customer-managed Azure Storage and using Managed Identity with the right RBAC roles. The guide includes portal steps plus PowerShell and Azure CLI examples for configuring Firewall Policy.