Category: Microsoft Security Blog

The Shai‑Hulud 2.0 supply chain attack represents one of the most significant cloud-native ecosystem compromises observed recently. Attackers maliciously modified hundreds of publicly available packages, targeting developer environments, continuous integration and continuous delivery (CI/CD) pipelines, and cloud-connected workloads to harvest credentials…

Read more →

Cyber defense is evolving. Find out how graph-powered strategies and AI can help organizations detect threats faster and improve security hygiene. The post Changing the physics of cyber defense appeared first on Microsoft Security Blog. This article has been indexed…

Read more →

To bolster security for our customers, we need to align with our ecosystem partners. Our new collaboration with Beazley as an incident response partner is a step in that direction. The post Stronger together: New Beazley collaboration enhances cyber resilience…

Read more →

Microsoft has been named a Leader in the 2025 Gartner® Magic Quadrant™ for Email Security, which we believe highlights the innovative capabilities of Microsoft Defender for Office 365. The post Microsoft named a leader in the 2025 Gartner® Magic Quadrant™…

Read more →

In this article, Damon Becknel, Vice President and Deputy CISO for Regulated Industries at Microsoft, outlines four things to prioritize doing now. The post Cybersecurity strategies to prioritize now​​  appeared first on Microsoft Security Blog. This article has been indexed…

Read more →

To secure the future, we must future-proof our cybersecurity talent and develop teams that are agile, innovative, and perpetually learning. The post How to build forward-thinking cybersecurity teams for tomorrow appeared first on Microsoft Security Blog. This article has been…

Read more →

This blog shares our journey and insights from building autonomous AI agents for MDR operations and explores how the shift to a GenAI-powered SOC redefines collaboration between humans and AI. The post Charting the future of SOC: Human and AI…

Read more →

We’re happy to share that Microsoft has been recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Access Management for the ninth consecutive year. The post Microsoft named a Leader in the Gartner® Magic Quadrant™ for Access Management…

Read more →

In the agentic era, security must be ambient and autonomous, like the AI it protects. It must be woven into and around everything we build—from silicon to operating system, to agents, apps, data, platforms, and clouds—and throughout everything we do.…

Read more →

At Microsoft Ignite 2025, we are not just announcing new features—we are redefining what’s possible, empowering security teams to shift from reactive responses to proactive strategies. The post Agents built into your workflow: Get Security Copilot with Microsoft 365 E5…

Read more →

Read about Microsoft and NVIDIA joint research on real-time immunity. The post Collaborative research by Microsoft and NVIDIA on real-time immunity appeared first on Microsoft Security Blog. This article has been indexed from Microsoft Security Blog Read the original article:…

Read more →

When we launched the Secure Future Initiative, our mission was clear: accelerate innovation, strengthen resilience, and lead the industry toward a safer digital future. Today, we’re sharing our latest progress report that reflects steady progress in every area and engineering…

Read more →

Microsoft has discovered a side-channel attack on language models which allows adversaries to conclude model conversation topics, despite being encrypted. The post ​​Whisper Leak: A novel side-channel attack on remote language models appeared first on Microsoft Security Blog. This article…

Read more →

New IDC research shows why CISOs must move toward AI-powered, integrated platforms like CNAPP, XDR, and SIEM to reduce risk, cut complexity, and strengthen resilience. The post New IDC research highlights a major cloud security shift appeared first on Microsoft…

Read more →

Learn how CISOs can use new European Union legislation to strengthen their cybersecurity measures. The post ​​Securing critical infrastructure: Why Europe’s risk-based regulations matter appeared first on Microsoft Security Blog. This article has been indexed from Microsoft Security Blog Read…

Read more →

This new e-book showcases what generative AI can do for your SOC, from reducing alert fatigue and enabling quicker triage to getting ahead of cyberattacks with proactive threat hunting, and more. The post ​​Learn what generative AI can do for…

Read more →

Microsoft Incident Response – Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface (API) as a mechanism for command-and-control (C2) communications. Instead of relying on…

Read more →

In this blog post, we’ll highlight the key themes covered in the e-book, including the challenges organizations face, the top generative AI threats to organizations, and how companies can enhance their security posture to meet the dangers of today’s unpredictable…

Read more →

Expanded ITDR features—including the new Microsoft Defender for Identity sensor, now generally available—bring improved protection, correlation, and context to help customers modernize their identity defense. The post Harden your identity defense with improved protection, deeper correlation, and richer context appeared…

Read more →

The latest Microsoft Digital Defense Report 2025 paints a vivid picture of a cyberthreat landscape in flux. The surge in financially motivated cyberattacks and the persistent risk of nation-state actors demand urgent attention. But for those of us in the…

Read more →