Azure Storage adds a preview feature to restrict (bind) user delegation SAS usage to a specific Microsoft Entra ID identity, strengthening authentication by tying SAS access to the user.
GitHub Copilot Business and Copilot Pro customers can now use Anthropic Claude and OpenAI Codex as coding agents. Copilot Enterprise and Pro+ customers got access earlier in February 2026.
Microsoft Security Blog post highlights AI threat modeling as a way to identify misuse, emergent risks, and failure modes in probabilistic and agentic AI systems.
GitHub Copilot adds a new Content Exclusion REST API (JSON) in public preview for organization and enterprise admins to manage Copilot content exclusion rules programmatically.
GitHub Mobile now supports Live Coding Agent Notifications to monitor Copilot coding agent activity and supported third-party agent sessions in real time from the mobile app.
Azure Monitor pipeline adds public-preview support for secure ingestion from external endpoints using TLS/mTLS and Bring Your Own Certificates (BYOC), plus new controls for pod placement.
GPT-5.3-Codex is generally available for GitHub Copilot paid tiers and can be used via Copilot Chat across github.com, GitHub Mobile, and Visual Studio.
Copilot Chat on github.com now supports model-native web search for certain models, allowing those models to use their built-in web browsing capability during chats.
Late-February 2026 preview updates for Azure SQL add in-dialog database management actions and introduce flat-file import support in the MSSQL extension.
Azure Database for PostgreSQL now supports configuring geo-redundant automated backups when using Premium SSD v2 disks (public preview). This adds a disaster-recovery option by storing backups in a geo-redundant manner.
GitHub Enterprise Server 3.20 release candidate is available. The changelog post indicates improvements in deployment efficiency, monitoring, code security, and policy management, but provides no concrete details in the provided excerpt.
A .NET Blog post describing how the author used a WinForms agent/AI-assisted development workflow to quickly build a replacement time-study app after a hardware dongle failed during a business trip.
GitHub’s repository dashboard has moved from public preview to general availability. It lets users find, filter, and save custom views of repositories they can access.
Microsoft reports a developer-targeting campaign that used malicious Next.js repositories to achieve covert remote code execution and stage command-and-control via normal build workflows.
· security
· timeframe: 2026-02
· tags: Microsoft Defender, SOC, autonomous defense, managed security services, AI security
Guide-style post arguing that manual SOC processes and legacy tools can’t keep up with AI-enabled attacks, and positioning Microsoft Defender’s autonomous capabilities plus expert-led services as the proposed approach.
GitHub now generally makes available enterprise-defined custom organization roles to help enterprises standardize role-based access across multiple organizations.
Windows Server Annual Channel (Preview) on AKS will retire on May 15, 2026. Users should migrate to Windows Server Long Term Servicing Channel (LTSC) before that date.
· github
· timeframe: 2026-02
· tags: GitHub Enterprise Cloud, Enterprise Managed Users, IP allow list, Security, Public preview
GitHub Enterprise Cloud now supports extending GitHub’s native IP allow list to user namespaces for Enterprise Managed Users (EMUs), available in public preview.
GitHub Enterprise organization owners can now discover and manage both enterprise teams and organization teams via existing organization team API endpoints.
Azure Application Gateway WAF Insights is now in public preview, adding an interactive view of WAF logs and metrics. It is intended to help investigate blocked requests and analyze attack patterns.
Azure Premium SSD v2 disks are now generally available in Brazil Southeast and expanded to a third Availability Zone in Malaysia West and Indonesia Central.
· ai
· timeframe: 2026-02
· tags: microsoft, agent-framework, release-candidate, dotnet, python, api-stability, v1.0, ga
Microsoft Agent Framework has reached Release Candidate for both .NET and Python. Microsoft states the v1.0 API surface is stable and intended v1.0 features are complete on the path to General Availability.
GitHub’s Actions workflow dispatch API can now optionally return response metadata, including workflow run IDs, to help correlate a dispatch request with the resulting run.
GitHub Copilot support in the Zed editor is now generally available via an official partnership. Copilot subscriptions (Pro, Pro+, Business, Enterprise) can authenticate and be used directly in Zed.
GitHub Projects now lets you populate a new project by importing items returned from a search query, not only by importing from a repository. The hierarchy view also received usability improvements.
Microsoft published a new e-book positioned as a maturity-based guide for adopting Microsoft Security Exposure Management. It focuses on moving from fragmented, reactive security practices to a unified exposure management approach intended to support proactive defense.
Microsoft Security Blog outlines risks of self-hosted agent runtimes (like OpenClaw) that execute untrusted input while holding long-lived credentials, creating compounded supply-chain exposure. It emphasizes governance plus identity controls and runtime isolation to reduce credential and execution risk in enterprise deployments.
Microsoft Foundry’s Dec 2025–Jan 2026 updates add several new foundation models, expand audio and fine-tuning capabilities, and introduce SDK changes including an azure-ai-projects v2 beta consolidation.
GitHub Secret Scanning now supports configuring extended metadata checks via security configurations, making it easier to enable these checks across many repositories.
Claude Opus 4.6 is now generally available in GitHub Copilot for Enterprise, Business, Pro, and Pro+ plans. It can be used in Copilot Chat on github.com and in supported IDEs.
GitHub Desktop 3.5.5 adds support for Git hooks to address prior compatibility issues, especially with version managers and environment-dependent scripts.
AKS MCP Server adds unified tooling in public preview to reduce tool/context overhead when managing AKS MCP servers. Two new tools are introduced: call_az and call_kubectl.
AKS clusters using node auto-provisioning can now enable LocalDNS, removing a previous limitation where LocalDNS couldn’t be used with that cluster type.
AKS release 2026-02-08 adds new Kubernetes patch versions, expands regional availability for API Server VNET Integration, and introduces several security/behavioral changes plus multiple component/image updates.
GitHub Copilot is rolling out support for Anthropic Claude Sonnet 4.6, now generally available. GitHub notes early testing shows strong performance on agentic coding, especially search.
Azure Disk Storage now generally supports instant access for incremental snapshots of Premium SSD v2 and Ultra Disks, enabling immediate restores to new disks after snapshot creation.
GitHub’s “required reviewer” rule for repository rulesets is now generally available. It lets admins require approvals from specific reviewers for changes targeting defined branches and paths across an org/enterprise.
GitHub shipped updates to organization/enterprise policy controls: custom properties now allow requiring an explicit value, and rule insights provide improved visibility into rule activity.
GitHub updated its status page to make incident details easier to find and more useful during active incidents. The status site now includes a 90-day historical view of availability.
Microsoft Foundry published a guide on using the Foundry SDK to fine-tune LLMs with Direct Preference Optimization (DPO) to better align outputs with human preferences.
GitHub now lets enterprise and organization admins choose whether to display users’ profile names (first and last) alongside their handles across the enterprise UI.
GitHub added two new repository settings to control how a repo accepts contributions via pull requests, including an option to disable pull requests entirely.
GitHub announced upcoming network configuration changes for Copilot coding agent, which runs background tasks in its own GitHub Actions-powered environment.
GitHub introduced Agentic Workflows in technical preview, enabling AI agents to run repository automation tasks inside GitHub Actions. Workflows can be authored in Markdown rather than YAML, delegating task planning/execution to the agent.
· security
· timeframe: 2026-02
· tags: Microsoft Copilot Studio, agent security, Microsoft Defender, configuration, access control, orchestration, risk management
Microsoft outlines 10 common security risks in Copilot Studio agents and pairs each with suggested detection and mitigation approaches using Microsoft Defender. The focus is on preventing exposure from configuration, access, and orchestration weaknesses.
Microsoft announced its presence at the RSAC 2026 Conference and positioned its show-floor content around “Frontier Firms,” described as human-led and agent-operated organizations.
Interview with Jordan Liggitt describing SIG Architecture’s API Governance subproject: it defines and enforces conventions across Kubernetes API surfaces to balance stability/compatibility with ongoing evolution.
Mid-February 2026 Azure SQL preview adds new Visual Studio Code publishing support for SQL Projects and introduces a Connections Migration dialog to import existing workflows.
GitHub Copilot Testing for .NET is generally available in Visual Studio 18.3, adding an AI-assisted workflow to generate and iterate on unit tests directly in the IDE.
Microsoft Foundry argues that enterprise LLM deployments often need behavior-level alignment (consistency, reliability, policy compliance) that prompt engineering and RAG cannot provide, positioning fine-tuning as the mechanism to change model behavior.
Microsoft Security Blog published a post promoting a new buyer’s guide for selecting a unified, AI-ready SIEM platform aimed at supporting “agentic” AI-era security operations.
Microsoft Security Blog post promoting its Cyber Pulse report, focused on cybersecurity risks related to active AI agents and the need for observability, governance, and security.
Microsoft security researchers describe a growing pattern of “AI Recommendation Poisoning,” where attackers poison an AI system’s memory to manipulate future recommendations for promotional gain.
Azure announced a public preview AKS managed add-on for Application Gateway for Containers that automates deployment and lifecycle management of the gateway and its ALB Controller.
GitHub Enterprise admins can now authorize GitHub Apps (using fine-grained enterprise teams permissions) to access Enterprise Teams API endpoints in public preview. Previously, these endpoints required a classic personal access token.
GitHub Copilot is rolling out a research/public preview of Claude Opus 4.6 “Fast mode.” The mode increases output token generation speed by up to 2.5×.
Microsoft reports active exploitation of SolarWinds Web Help Desk using CVE-2025-40551 and CVE-2025-40536 that can lead to domain compromise, and provides guidance to patch, hunt, and mitigate.
Azure Disk Backup is adding a private preview feature called Vaulted Backups for Azure Disk. It extends current disk protection beyond in-subscription operational snapshots toward storing backups in a vault tier.
Guest post outlining how to implement an “AI Skills Executor” in .NET using Azure OpenAI and the Model Context Protocol (MCP) C# SDK to replicate Anthropic-style agent patterns.
Azure introduced a public preview of the Azure Virtual Network routing appliance for providing private connectivity across virtual networks using a dedicated routing appliance.
· security
· timeframe: 2026-02
· tags: security, malware, phishing/social-engineering, RAT, python, windows, living-off-the-land, persistence, microsoft
Microsoft reports a new ClickFix variant, “CrashFix,” that intentionally crashes browsers to trick users into running commands that install a Python-based remote access trojan (RAT). The campaign abuses built-in utilities (finger.exe) and a portable Python runtime to reduce detection and maintain persistence on targeted systems.
Microsoft explains that many incidents stem from inconsistent implementation of known security controls and describes its support for Operation Winter SHIELD to help organizations close this “implementation gap.”
GitHub Actions’ early February 2026 update adds custom runner autoscaling, broadens security controls to all users, and provides early access to new Windows and macOS runner images.
VS Code adds a unified interface to manage multiple coding agents (local, background, and cloud) from one place. It supports using third-party agents like Claude and Codex alongside Copilot and emphasizes interoperability via MCP and Agent Skills.
Azure NetApp Files Elastic zone-redundant storage (Elastic ZRS) is now in public preview. It aims to provide continuous access and zero data loss even if an entire Azure Availability Zone becomes unavailable.
GitHub Copilot for VS Code v1.109 (January 2026) adds agent-driven workflows, improves agent session management, and introduces agent support for Anthropic Claude models.
January 2026 updates to GitHub Copilot in Visual Studio add colorized code completions, the ability to partially accept a completion, and general productivity improvements.
· vscode
· timeframe: 2026-02
· tags: Visual Studio Code, Insiders, Release Notes, January 2026, v1.109, Updates
This brief entry announces the Visual Studio Code January 2026 Release (Insiders) version 1.109 and points readers to the full article for details on what’s new in this release.
Microsoft published research on detecting backdoors in open-weight language models and described a scanner intended to identify backdoored models at scale.
Azure Container Storage v2.1.0 is generally available, adding native Elastic SAN support and a lightweight on‑demand installation model to simplify deployment and operations for Kubernetes workloads on Azure.
Azure Kubernetes Fleet Manager now offers namespace‑scoped resource placement in public preview, providing fine‑grained control to select and propagate individual namespace resources across multiple clusters.
Azure Application Gateway WAF v2 now offers Public Preview support for additional rate‑limiting GroupBy options that use the X‑Forwarded‑For (XFF) HTTP header, enabling better client identification when the gateway is behind proxies or CDNs.
GitHub Dependabot can now authenticate to private registries using OpenID Connect (OIDC), removing the need to store long-lived registry credentials as repository secrets for Dependabot update jobs.
Microsoft describes an updated Secure Development Lifecycle (SDL) approach aimed at securing AI systems, combining internal policy, security research, and enablement activities.
GitHub has open-sourced the Dependabot Proxy and released it under the permissive MIT license, allowing developers to review the implementation (including how authentication is handled for different package ecosystems), reuse it, and contribute.
The Node Readiness Controller is a new Kubernetes project that provides a declarative system (NodeReadinessRule) to manage node taints based on custom node conditions. It extends readiness guardrails during node bootstrapping and runtime by automating taint application/removal so workloads land only on nodes that meet infrastructure-specific requirements.
· security
· timeframe: 2026-02
· tags: macOS, infostealer, Python malware, credential theft, malware distribution, platform abuse, Microsoft Security Blog
Microsoft describes recent infostealer activity targeting macOS, highlighting Python-based stealers and distribution techniques that abuse trusted platforms and common utilities.
Microsoft will end support on April 1, 2026 for weak DHE TLS cipher suites used by Azure Front Door (Standard, Premium, Classic) and Azure CDN from Microsoft (Classic) to improve security.
Azure Databricks serverless workspaces are now generally available: a fully managed workspace option that includes preconfigured serverless compute and default storage to provide an enterprise-ready, SaaS-like experience with no infrastructure to manage.
Microsoft announced the general availability of Default Rule Set (DRS) 2.2 for Web Application Firewall (WAF) on Azure Application Gateway. The Azure-managed rule set provides active protection against common web vulnerabilities and exploits and includes Microsoft Threat Intelligence.