At Build 2026, Microsoft unveiled a new containment framework for autonomous AI agents, expanded its MDASH vulnerability ...

Yet another aggrieved bug hunter has leaked a vulnerability affecting a Microsoft product after becoming disillusioned with ...

Microsoft is testing a new Defender for Endpoint capability that will automatically isolate compromised endpoints to thwart ...

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Compromised npm packages targeted Red Hat cloud services, enabling credential theft and expanding supply chain risks.

As the COOs from both Uber and Microsoft recently learned, encouraging company engineers to use AI aggressively can lead to ...

NLWeb is Microsoft's open protocol for turning any website into a conversational AI app. Here's what developers need to know ...

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

On the first day of Microsoft Build 2026 in San Francisco, Microsoft announced the public preview of Azure HorizonDB, a fully managed PostgreSQL-compatible database rebuilt from the ground up for ...

Microsoft's May 2026 VS Code update makes BYOK usable in restricted environments while adding agent, browser and issue-reporting updates.

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...