Security - 4

2025 (12)

October (6)

azure: [Launched] Generally Available: Firmware analysis enabled by Azure Arc

Azure Updates

2025-10-09

Azure Arc's firmware analysis capability is now generally available, providing deep visibility into the software that runs on IoT, OT, and network devices to improve security visibility for systems that often operate as black boxes.

dotnet: Developer and AI Code Reviewer: Reviewing AI-Generated Code in .NET

.NET

2025-10-07

Practical guidance for reviewing AI-generated .NET code, emphasizing that AI output should be treated as a starting point and validated through tests, linters, security checks, and clear team processes to maintain quality and productivity.

github: Secret Protection expands default pattern support – September 2025

GitHub

2025-10-07

GitHub updated the Secret Protection default pattern set in September 2025, adding new secret detection patterns and upgrading existing ones to improve coverage across different secret types. The changes expand built-in secret scanning so repositories using the default patterns benefit from broader, more accurate detection without manual configuration.

github: Enterprise access restrictions now supports multiple enterprises

GitHub

2025-10-06

GitHub Enterprise Cloud customers with multiple Enterprise Managed Users (EMU) accounts can now use a single proxy header to block traffic to github.com that originates outside any of their enterprises. This update lifts the prior limitation that tied enterprise access restrictions to a single enterprise, simplifying network configuration for organizations with multiple EMU accounts.

azure: [Launched] Generally Available: Cross-tenant customer-managed keys for Azure NetApp Files volume encryption

Azure Updates

2025-10-03

Azure NetApp Files now generally supports cross-tenant customer-managed keys (CMK) for volume encryption, letting customers use and control their own encryption keys across different Azure tenancies to increase control and flexibility.

azure: [In preview] Public Preview: Azure SQL updates for late September 2025

Azure Updates

2025-10-01

In late September 2025 Azure SQL announced a Public Preview feature that adds immutability to long-term retention (LTR) backups to protect backups from ransomware and tampering.

September (6)

github: Secret scanning adds validators for MongoDB, Meta, and Microsoft Azure

GitHub

2025-09-30

GitHub Secret Scanning has added validity-check validators for secrets related to MongoDB, Meta, and Microsoft Azure. These new checks augment existing validators to improve detection of provider-specific credentials and prevent accidental commits of valid secrets.

azure: Retirement: Spark Native Connector for Semantic Link

Azure Updates

2025-09-30

Microsoft announces the retirement of the Spark native connector effective October 1, 2025, citing low usage, high maintenance costs, and potential security vulnerabilities; source text is truncated before completing the stated goal.

github: Strengthening npm security: Important changes to authentication and token management

GitHub

2025-09-29

GitHub announced the first phase of security improvements for npm that change how authentication and token management work. The update is part of a staged rollout intended to harden the npm ecosystem and was posted on the GitHub Blog.

aks: Release 2025-09-21

Release notes from AKS

2025-09-27

AKS release v20250921 includes new previews and GA features, multiple deprecations and retirements, security and component upgrades, bug fixes, and several behavioural changes. Important actions: upgrade clusters from deprecated Kubernetes/Azure Linux versions, migrate deprecated add-ons, and review node pool and networking defaults to ensure compatibility.

github: CodeQL 2.23.1 adds support for Java 25, TypeScript 5.9 and Swift 6.1.3

GitHub

2025-09-26

CodeQL 2.23.1 is a new release of GitHub's static analysis engine that adds language support for Java 25, TypeScript 5.9, and Swift 6.1.3 to improve code scanning and security analysis.

security: Introducing Microsoft Marketplace — Thousands of solutions. Millions of customers. One Marketplace.

Microsoft Security Blog

2025-09-25

Microsoft announced the launch of the reimagined Microsoft Marketplace, a unified and trusted destination for cloud solutions, AI apps and agents designed to connect thousands of solutions with millions of customers and empower organizations to become 'Frontier'.