120 result(s)
Threat actors are using external Microsoft Teams collaboration to impersonate IT helpdesk staff, gain remote access, and then move laterally with legitimate tools to exfiltrate data while blending in as routine IT support. Microsoft says Defender can help detect this activity across Teams, endpoint, and identity telemetry.
GitHub Copilot CLI now generally supports Copilot auto model selection for all Copilot plans. When enabled, Copilot picks the most efficient model automatically.
Azure Databricks now supports Anthropic Claude Opus 4.7 via Azure Databricks AI Model Serving. The model is available generally and is positioned for complex extraction and agentic reasoning tasks.
Azure will enforce the retirement of Azure Functions runtime v3 for Linux Consumption–based Function Apps. The runtime was already retired on December 13, 2022, and affected apps will stop running on September 30, 2026.
Azure Backup now supports configuring backup for Azure Kubernetes Service (AKS) clusters with a single Azure CLI command. This reduces the manual steps previously required to install and set up the backup extension and related components.
Microsoft describes a real-world domain compromise where exposure-based containment and predictive shielding slowed attacker activity, stopped credential abuse, and disrupted lateral movement. The post focuses on how containment reduced the threat actor’s momentum during the incident.
Azure Kubernetes Service will retire support for Ubuntu 22.04 on June 30, 2027. Users should migrate to Ubuntu 24.04 or later before that date to avoid service disruption.
April 2026 adds three Reinforcement Fine-Tuning updates in Microsoft Foundry: global training for o4-mini with lower per-token pricing in 12+ regions, new GPT-4.1-based model graders for improved reward signals, and a best-practices guide for RFT workflows.
Azure NetApp Files now includes user and group quota reporting in preview/GA update. The feature provides visibility into quota limits and usage for NFS, SMB, and dual-protocol volumes.
GitHub CLI now includes gh skill, a new command for discovering and installing agent skills. The post says it is intended to make managing skills easier for AI coding agents.
The post outlines a customer approach to building a cryptographic inventory as part of cryptographic posture management and quantum-safe readiness. It references Microsoft Security tools, lifecycle best practices, and partner solutions.
GitHub announced a new rule insights dashboard and a unified filter bar for repository rulesets. The update is meant to make it easier to spot trends such as blocked-push spikes and bypass patterns.
Microsoft reports a macOS intrusion campaign attributed to Sapphire Sleet that uses social engineering and user-driven execution to bypass macOS protections. The activity is described as targeting credentials, cryptocurrency assets, and sensitive data.
Claude Opus 4.7 is now generally available in GitHub Copilot. GitHub says early testing showed improved multi-step task performance and more reliable agentic execution.
CodeQL 2.25.2 has been released. It adds support for Kotlin 2.3.20 and includes other unspecified updates.
GitHub Copilot cloud agent can now be enabled selectively for specific organizations using custom properties. Before this change, enterprise admins and AI managers could only turn the agent on or off across all organizations.
Azure Batch will retire support for HBv2-series, HC-series, and NP-series VMs in Batch pools on May 31, 2027. The notice applies to these VM sizes only when used in Azure Batch pools.
Cross-tenant customer-managed keys for Premium SSD v2 and Ultra Disks are now generally available. Managed disks can now be encrypted with a CMK stored in an Azure Key Vault in a different Microsoft Entra tenant.
The .NET MAUI Map control in .NET MAUI 11 now supports pin clustering, automatically grouping nearby pins into cluster markers. The post also covers configuring separate clustering groups and handling cluster tap events on Android and iOS.
Microsoft Security says AI incident response uses the same core IR lifecycle, but requires different telemetry, tools, and skills because AI systems change how incidents unfold.
Azure Blob Storage and ADLS will now use a 128 KiB minimum billable object size for the cool, cold, and archive access tiers. Objects smaller than 128 KiB on those tiers will be billed as 128 KiB.
Azure Site Recovery now supports Azure-to-Azure replication and disaster recovery for Windows Azure VMs that use NVMe-enabled Generation 2 VM families. Supported examples include Da/Ea/Fa v6-series and Ebsv5/Ebdsv5.
Dependabot and code scanning now support OpenID Connect (OIDC) authentication for private registries configured at the organization level. This removes the need to store long-lived credentials as repository secrets.
GitHub added deployment context to repository properties and security alert pages. Two new built-in repository properties, deployable and deployed, now expose this information.
The post is a brief recap of April 2026 servicing updates for .NET and .NET Framework. It does not include specific version details or change items in the provided text.
Microsoft announced .NET 11 Preview 3, covering updates across the runtime, SDK, libraries, ASP.NET Core, .NET MAUI, C#, Entity Framework Core, and container images. The provided excerpt does not include specific feature details.
GitHub added the ability to link code scanning alerts to GitHub Issues. The feature is in public preview and is meant to connect security remediation work with existing planning and tracking workflows.
GitHub now lets organizations configure multiple private registries at the org level for Dependabot and code scanning, which is useful for setups that use more than one internal package feed. Previously, org-level settings supported only one private registry per ecosystem.
GitHub says it is rolling out secret scanning updates that improve detection coverage, APIs, and related workflows. The post says these changes are part of ongoing secret scanning product improvements, but the provided excerpt does not include具体 details.
Smart Tier for Azure Blob and Data Lake Storage is now generally available in nearly all zonal public cloud regions. The release excludes Israel Central, Qatar Central, and UAE North at launch.
SBOM exports from repository dependency graph pages and the new API endpoints are now computed asynchronously. This changes export handling from a synchronous action to an async one.
GitHub.com now lets users select the model when starting Claude and Codex third-party coding agent runs. The feature is available for these agents, similar to Copilot cloud agent.
GitHub Code Quality has updated its standard findings experience in public preview to make repository-wide navigation and triage easier. The changelog notes improvements focused on finding reliability and related issues, but does not provide detailed feature specifics in the excerpt.
Azure File Sync is now generally available in Belgium Central, Malaysia West, and Indonesia Central. The service supports tiering data from on-premises Windows Servers to Azure Files for hybrid scenarios and migration.
GitHub Copilot now supports data residency in US and EU regions, keeping inference processing and related data within the selected geography. It also adds FedRAMP compliance for US government customers.
GitHub added a new “Fix with Copilot” button on github.com for resolving merge conflicts, powered by Copilot cloud agent. The feature lets users fix conflicts from a comment flow in three clicks.
Azure Bastion graphical session recording in public preview now supports managed identities for writing to storage accounts. This removes the need to use other credentials for storage access when configuring session recording.
Azure Storage Mover is now generally available in Azure Government (US). It provides a fully managed way for U.S. government customers and partners to migrate large-scale file data into Azure Government cloud environments.
Azure Files now lets you configure encryption-in-transit separately for SMB and NFS at the storage account level. This enables protocol-specific security policies instead of a single shared setting.
Azure Monitor now supports monitoring applications running on Azure Kubernetes Service (AKS) with OpenTelemetry. The preview includes autoinstrumentation to deploy the Azure Monitor OpenTelemetry distribution to workloads.
Azure Managed Grafana Essential SKU will retire on March 30, 2027. Customers are advised to move to Azure Managed Grafana Standard SKU or Azure Monitor Dashboards with Grafana before that date to avoid service disruption.
AKS Public Preview adds StandardV2 NAT Gateway as an outbound type for managed and BYO VNets. It provides zone-redundant outbound connectivity, up to 100 Gbps outbound throughput, and IPv6 outbound support.
GitHub Copilot CLI now supports remote control via copilot --remote, allowing users to monitor and steer a running CLI session from web and mobile. The feature is available in public preview.
GitHub is enforcing new usage limits for Copilot Pro+ and retiring Opus 4.6 Fast from that plan. The change is intended to address high-concurrency and heavy-usage patterns.
GitHub is renaming Copilot coding agent to Copilot cloud agent and updating the data schema to reflect that change. Copilot usage metrics will now aggregate active user counts for the cloud agent under the new naming.
GitHub is pausing new GitHub Copilot Pro free trials because of increased abuse of the trial system. The change is intended to protect platform integrity for legitimate developers.
GitHub Actions workflow runs are now limited to 50 reruns per workflow. Attempts to rerun a workflow beyond that limit will fail with a failed check suite.
GitHub Copilot usage metrics now include CLI activity in the overall totals and feature breakdowns. Previously, CLI metrics were only available separately in a standalone totals_by_cli section.
Azure Event Grid is now in public preview as a destination for Stripe events. Developers can route Stripe events into Event Grid to build event-driven architectures without managing webhook infrastructure or custom brokers.
GitHub says the validation tools used by Copilot cloud agent are now 20% faster. The tools include CodeQL, the GitHub Advisory Database, secret scanning, and Copilot code review.
March 2026 Foundry updates include Agent Service GA with private networking, new GPT-5.4 and GPT-5.4 Mini models, Priority Processing, Phi-4 Reasoning Vision, SDK 2.0 GA across major languages, additional Fireworks AI and NVIDIA Nemotron models, and third-party guardrails from Palo Alto and Zenity.
GitHub added an Ask Copilot entry point in security assessment results, letting organization admins and security managers get contextual explanations and next-step guidance directly from secret risk assessment and Code Security risk assessment views.
Microsoft describes a future SOC model where autonomous defense handles machine-speed response, agents provide context and coordination, and human analysts focus on judgment, risk, and outcomes.
Microsoft says Foundry Local is now generally available for running AI inference on-device. The announcement emphasizes local deployment, privacy, and no per-token costs.
GitHub moderators can now mark hidden comments as Low Quality from the Hide comment menu. The option is available on issues, discussions, pull requests, and commits.
GitHub Notifications now includes a new “Sort by” control with two options: “Newest to oldest” and “Oldest to newest.” The default behavior remains “Newest to oldest.”
GitHub now shows repository member role labels inline in the pull request list view for public repositories. Labels such as First-time contributor, Contributor, and Member appear directly in the list.
GitHub added release tracking details to the issue sidebar, configurable default values for project fields, and faster navigation between related issues.
Microsoft reports on Storm-2755, a financially motivated threat actor targeting Canadian employee accounts to access profile data and redirect salary payments to attacker-controlled accounts. The post is based on observations from Microsoft Incident Response – Detection and Response Team (DART).
Microsoft says a severe Android intent-redirection flaw in a widely used third-party SDK exposed sensitive user data across millions of apps, including Android wallets. The post explains the issue, its risk, and recommends updating affected SDKs to reduce exposure.
AKS release 2026-04-02 adds new Kubernetes patch versions, preview and GA feature updates, component bumps, and several bug fixes/security remediations. It also announces future retirements for Ubuntu 22.04, a kubelet certificate rotation disable tag, and Teleport (preview).
The Copilot usage metrics API now includes two new merge metrics for Copilot-reviewed pull requests, extending the pull request throughput and cycle-time metrics added in February. These metrics track PRs reviewed by Copilot from the coding agent.
GitHub is rolling out updates to secret scanning alert APIs, webhooks, and delegated workflows. The changes are aimed at improving the developer experience for secret scanning features.
GitHub Mobile now supports Copilot cloud agent beyond pull request workflows, letting users continue work away from their desk. The update adds the ability to ask Copilot to research and code from mobile.
PgBouncer 1.25.1 is now generally available in Azure Database for PostgreSQL – Flexible Server. It is offered as a built-in connection pooling feature to help manage idle and short-lived connections with low overhead.
Azure Service Health now provides regional, consolidated maintenance notifications for Azure Database for PostgreSQL. Instead of separate notices for each server, customers receive one notification per region for upcoming maintenance.
AKS Namespace and Workload views now include observability data from Azure Monitor managed service for Prometheus. This adds cluster and workload health, troubleshooting, and resource utilization details directly in those views.
Azure Migrate now supports public preview assessments for Azure Files. It can discover on-premises SMB and NFS file shares and provide migration planning for Windows and Linux shares to Azure Files.
Organization admins and security managers can now run a free Code Security risk assessment for their organization. It summarizes vulnerabilities by severity, rule type, and related categories.
GitHub CLI’s Linux package repositories now use an updated PGP keyring that includes both the existing signing key and a replacement key. The change is meant to support package signing continuity and will matter if you refresh or verify repository keys.
VS Code moved to weekly stable releases, and this changelog covers Copilot-related updates in VS Code versions 1.111 through 1.115 shipped in March and early April 2026. The post says the highlights include Autopilot for fully automated workflows, but the provided excerpt does not include the detailed release items.
Azure Red Hat OpenShift (ARO) now supports NVIDIA H100 and H200 GPU-based Azure VM SKUs. The update targets large-scale AI, machine learning, and HPC workloads on the managed OpenShift service.
The post introduces GitHub Copilot Modernization and focuses on the assessment report as the source of truth for cloud modernization work. It frames the report as part of the migration process and positions it as the primary reference for modernization planning.
Azure Kubernetes Service now supports disabling HTTP proxy settings in an existing cluster. This helps administrators remove or change proxy configuration as network requirements evolve without needing disruptive cluster changes.
Azure Functions now generally supports MCP resource triggers for MCP servers hosted on Functions. This lets developers expose resources directly, in addition to tools.
Azure Kubernetes Service (AKS) now supports generally available Pod CIDR expansion for overlay-based clusters. This lets teams increase the pod IP range when clusters run out of addresses, avoiding cluster rebuilds.
ASP.NET Core 2.3 will reach end of support on April 7, 2027. Microsoft says users should plan to upgrade applications to a currently supported .NET version.
GitHub Advanced Security alerts can now be prioritized using runtime context from Dynatrace, including deployed artifacts and runtime risk in Kubernetes environments. This adds environment-aware signal to help rank alerts.
GitHub Copilot CLI now supports connecting your own model provider (BYOK) or using fully local models instead of GitHub-hosted model routing. The change gives CLI users more control over where models run and which providers they use.
Dependabot alerts can now be assigned to AI coding agents for remediation, including Copilot, Claude, and Codex. This is intended for vulnerabilities that require code changes beyond a simple dependency version update.
Dependabot version updates now support the Nix ecosystem via Nix flakes. You can add nix as a package ecosystem in dependabot.yml and Dependabot will monitor flake.lock inputs and open pull requests when updates are available.
Microsoft says Forest Blizzard, a threat actor linked to the Russian military, is compromising insecure home and small-office routers and changing their settings to support malicious infrastructure. The activity includes DNS hijacking and adversary-in-the-middle attacks.
GitHub code scanning alerts on pull requests can now be fixed in bulk from the Files changed tab. The update lets users apply multiple security alert suggestions at once instead of handling them individually.
npm trusted publishing now supports CircleCI as an OIDC provider for publishing packages to npm. Maintainers can authenticate from CircleCI workflows without stored credentials, alongside existing support for GitHub Actions and GitLab CI/CD.
GitHub Copilot usage metrics now show which users have Copilot code review activity and whether that activity was active or passive. Enterprise and organization admins can use these metrics to see how users engage with Copilot code review.
Network Security Perimeter support for Azure Service Bus is now generally available. It lets you define a logical network boundary around Service Bus namespaces and other Azure PaaS resources to block unauthorized public access.
Microsoft describes a new device code phishing campaign that uses AI and end-to-end automation to generate live authentication codes on demand. The result is more scalable account compromise, higher success rates, and longer post-compromise access.
Azure Network Watcher now offers rule impact analysis in public preview. It lets you preview how security admin rules will affect your environment before applying them, including validating behavior and identifying possible conflicts.
Microsoft says Storm-1175 is running fast-moving Medusa ransomware campaigns that exploit recently disclosed vulnerabilities in web-facing systems for initial access, data theft, and ransomware deployment. The actor uses Medusa ransomware, also referred to as Gaze.exe.
GitHub added organization-level runner controls for Copilot cloud agent development environments. Copilot cloud agent tasks now start on GitHub Actions, and orgs can control which runners are used instead of relying only on the default GitHub-hosted runner.
GitHub deprecated GPT-5.1 Codex, GPT-5.1-Codex-Max, and GPT-5.1-Codex-Mini across all GitHub Copilot experiences on April 1, 2026. The change applies to Copilot Chat, inline edits, ask and agent modes, and code completions.
GitHub added organization-level firewall settings for Copilot cloud agent. The built-in agent firewall can now be configured centrally to control internet access and help reduce prompt injection and data exfiltration risk.
Copilot cloud agent now signs every commit it creates. These commits show up as Verified on GitHub, indicating they were made by the agent and not altered after signing.
GitHub Copilot SDK is now in public preview. It provides building blocks to embed Copilot’s agentic capabilities into applications, workflows, and platform services.
GitHub Copilot organization reports now include per-user GitHub Copilot CLI activity. This completes CLI metrics coverage across enterprise-, user-, and organization-level reporting.
GitHub Actions added entrypoint and command overrides for service containers. The update also includes new security features: OIDC custom properties and VNET failover.
C# 15 adds preview support for union types, letting you define a closed set of case types with implicit conversions and exhaustive pattern matching. The post also notes this fits into a broader exhaustiveness roadmap.
The provided content only includes the title and a link, without any release note details to summarize.
Python apps hosted on Azure App Service on Windows and Azure Functions on Windows will be retired on March 31, 2027. After that date, app configuration and content remain, but the apps will stop running.
AzureDnsZone endpoints (preview) for Azure Blob storage accounts will be retired in March 2027. Microsoft advises moving all new and existing blob storage account deployments to Standard endpoints.
Microsoft says threat actors are increasingly using generative AI to improve cyberattacks, including much higher phishing click-through rates and industrialized MFA bypass. The post frames AI as part of the attack surface, not just a tool attackers use.
Microsoft describes a Linux-hosting intrusion technique where PHP webshells are triggered by specially crafted HTTP cookies. The post covers obfuscation, php-fpm execution, and cron-based persistence used to hide activity and maintain access.
GitHub Copilot in Visual Studio got extensibility updates in the March 2026 release, including custom agents, agent skills, and new tools that improve agent capabilities.
GitHub has renamed the top-level Security tab to Security & quality across repositories, organizations, and enterprises on github.com. The navigation now groups code quality findings together with security-related information.
GitHub says improved search for Issues is now generally available. It was previously in public preview and later added to the Issues dashboard.
GitHub Copilot organization custom instructions are now generally available. Copilot Business and Copilot Enterprise org admins can set default instructions for their organization.
Service Fabric support for clusters running on Windows Server 2022 ends on March 31, 2027. Customers need to move to Windows Server 2025 before then to stay supported.
Microsoft reports that Axios was compromised in a March 31, 2026 npm supply chain attack. Two newly published version-update packages were used to download from command-and-control infrastructure, which Microsoft Threat Intelligence attributes to the North Korean actor Sapphire Sleet.
Service Fabric support for clusters running on Windows Server 2019 ends on March 31, 2027. Customers need to upgrade to Windows Server 2025 by then to stay supported.
Azure App Configuration now integrates with Azure Front Door in public preview, allowing dynamic configuration to be delivered directly to client-side applications at CDN scale. The update focuses on secure distribution and new flexibility for modern app configurations.
Azure Data Box now automatically provides a downloadable Secure Erasure Certificate for each completed order. The certificate verifies the device data was securely erased according to NIST 800-88 Revision 2.
Azure Data Box now supports ingesting data into Azure Files Provisioned v2 storage accounts. Azure Files Provisioned v2 lets customers provision and pay for specific capacity, IOPS, and throughput.
Azure NetApp Files adds a QoS update for cool access on Premium and Ultra service levels. Throughput now adjusts automatically as data moves to cool storage, helping balance performance and cost for mixed hot and cool workloads.
Microsoft will retire eight Azure AI Language features on March 20, 2027. The notice lists Key Phrase Extraction, Sentiment Analysis and Opinion Mining, Custom Text Classification, Conversational Language Understanding (CLU), Custom Question Answering (CQA), and other related language features.
GitHub Codespaces is now generally available for GitHub Enterprise Cloud with data residency. Enterprises can use cloud development environments with configurable security while keeping data residency requirements in place.
GPT-5.4 mini is now generally available to Copilot Student users through Copilot auto model selection. It is included in Auto for GitHub Copilot Chat in supported clients such as Visual Studio Code and Visual Studio.
GitHub Mobile now includes a refreshed Copilot tab, native session logs, and additional in-app controls for agent sessions. The update is aimed at making it easier to manage agentic workflows from the mobile app.
GitHub Mobile adds an Assign an Agent option in the issue overflow menu, making it faster to delegate work from an issue. The update is focused on quicker access to agent assignment and more flexible delegation from mobile.
The page is an article introducing an agentic AI email bot built on AWS Bedrock AgentCore with Microsoft O365 integration. The provided excerpt is only a brief tagline and does not include implementation details.
GitHub will deprecate Claude Sonnet 4 in all GitHub Copilot experiences on 2026-05-01. Users are directed to switch to the suggested alternative model.