News | Tech Hub

GitHub Actions Policy Adds Blocking and SHA Pinning for Enhanced SecurityAllison outlines recent improvements to GitHub Actions policies, focusing on blocking vulnerable actions and enforcing SHA pinning to enhance repository and workflow security.

The GitHub Blog 2025-08-15

CodeQL Expands Support for Kotlin and Improves Static Analysis AccuracyAllison reports on recent updates to CodeQL, featuring expanded Kotlin support, enhanced Rust analysis, and improved query accuracy for JavaScript and React, ensuring better static analysis and security scanning for...

The GitHub Blog 2025-08-14

Queensland Government Enhances Cybersecurity for Vulnerable Communities with Microsoft 365 E5stclarke outlines the Queensland Government’s journey in transforming its cybersecurity posture by consolidating tools under Microsoft 365 E5, deploying Defender and Sentinel, and aligning with modern security practices for greater...

Microsoft News 2025-08-14

GitHub Enterprise Importer Incident and IP Range Update: July 2025 Availability ReportJakub Oleksy reports on the July 2025 service disruption affecting GitHub Enterprise Importer, focusing on incident details, infrastructure changes, updated IP allow list requirements for Azure and other cloud migrations,...

The GitHub Blog 2025-08-13

GitHub MCP Server Enhances Secret Scanning and Push Protection for Public RepositoriesAllison introduces major enhancements in secret scanning and push protection for the GitHub MCP server, explaining how these features help secure public repository workflows against credential leaks and prompt injection...

The GitHub Blog 2025-08-13

Connect with the Security Community at Microsoft Ignite 2025stclarke highlights Microsoft Ignite 2025, an event tailored for security professionals and leaders to explore AI-powered security innovations, network with peers, and participate in hands-on labs and certification opportunities.

Microsoft News 2025-08-13

Azure DevOps Improves OAuth Client Secret Security: Secrets Now Shown Only OnceAngel Wong announces an important change to how Azure DevOps handles OAuth client secrets, introducing a ‘show-once’ system to improve security and retiring the existing secret retrieval API.

Microsoft DevBlog 2025-08-13

Secret Scanning Expands Support: 12 New Token Validators Added to GitHubAllison reports on GitHub’s secret scanning improvements, highlighting expanded support for 12 new token types and enhanced credential validity checks to bolster repository security.

The GitHub Blog 2025-08-12

How Dow Uses Microsoft Security Copilot and AI to Transform Cybersecurity Operationsstclarke explores how Mario Ferket and Dow have integrated Microsoft Security Copilot and AI into their cybersecurity operations, improving automation, threat detection, and analyst mentorship.

Microsoft News 2025-08-12

Secret Validity Checks Launch in GitHub Advanced Security for Azure DevOpsMichael Omokoh introduces the secret validity checks feature in GitHub Advanced Security for Azure DevOps, showing how developers and security teams can now prioritize remediation of live secrets and stay...

Microsoft DevBlog 2025-08-12

Microsoft Recognized as a Leader in the 2025 Gartner Magic Quadrant for Container ManagementSean McKenna reports on Microsoft’s continued leadership in the 2025 Gartner Magic Quadrant for Container Management. The post highlights innovations in Azure’s container portfolio, developer and operational tooling, AI workloads,...

The Azure Blog 2025-08-12

Continuous Access Evaluation (CAE) Brings Real-Time Security to Azure DevOpsAngel Wong introduces support for Continuous Access Evaluation (CAE) on Azure DevOps, discussing its impact on real-time security and the implications for developers using Microsoft Entra ID.

Microsoft DevBlog 2025-08-12

Securing the Open Source Supply Chain: Impact of the GitHub Secure Open Source FundAuthored by Kevin Crosby, this article highlights how 71 critical open source projects—supported by the GitHub Secure Open Source Fund and partners like Microsoft—improved their security posture with tangible results...

The GitHub Blog 2025-08-11

Customer-Managed Keys for Microsoft Fabric Workspaces Now in Public PreviewMicrosoft Fabric Blog announces the public preview of customer-managed keys (CMK) for Fabric workspaces, allowing teams to implement stronger data protection and compliance measures. Authored by the Microsoft Fabric Blog...

Microsoft Fabric Blog 2025-08-11

Introducing Support for Workspace Identity Authentication in Fabric ConnectorsThe Microsoft Fabric Blog team, including co-author Meenal Srivastva, announces expanded workspace identity authentication support in Microsoft Fabric connectors, detailing security improvements and implementation steps.

Microsoft Fabric Blog 2025-08-11

GPT-5 Launches in Azure AI Foundry: New Era for AI Apps, Agents, and DevelopersSteve Sweetman announces the general availability of GPT-5 in Azure AI Foundry, detailing its rollout to developers via GitHub Copilot and VS Code, enhanced reasoning, orchestration features, and robust security...

The Azure Blog 2025-08-07

Announcing Public Preview of the Phishing Triage Agent in Microsoft DefenderCristina Da Gama Henriquez announces the public preview of the Phishing Triage Agent in Microsoft Defender, highlighting its AI-powered, autonomous phishing detection capabilities for SOC teams.

Microsoft Security Blog 2025-08-07

Microsoft Bounty Program Year in Review: $17 Million Awarded to Security Researchersstclarke presents a comprehensive year-in-review of the Microsoft Bounty Program, showcasing $17 million in rewards, the impact of security research collaborations, and updates to Microsoft’s vulnerability reward initiatives.

Microsoft News 2025-08-06

Practical Guidance: Launching Microsoft Secure Future Initiative Patterns and PracticesIn this post, stclarke introduces the Microsoft Secure Future Initiative (SFI) patterns and practices—a library of practical security solutions aimed at helping organizations enhance security at scale, informed by Microsoft’s...

Microsoft News 2025-08-06

5 Copilot Chat Prompts .NET Developers Should Use NowIn this blog, Wendy Breiding presents five practical GitHub Copilot Chat prompts specifically designed to help .NET developers boost productivity, code quality, and security when working on Microsoft technologies.

Microsoft .NET Blog 2025-08-06

Project Ire: Autonomous AI Agent for Large-Scale Malware Detection and ClassificationWritten by stclarke, this post presents Project Ire, Microsoft’s new autonomous AI agent built for large-scale malware detection by reverse engineering and classifying threats. The article addresses technical foundations, system...

Microsoft News 2025-08-05

General Availability of Network Security Perimeter for Azure MonitorMahesh Sundaram announces the general availability of Network Security Perimeter for Azure Monitor, explaining its benefits for securing Azure monitoring data through enhanced network isolation and access controls.

Microsoft Tech Community 2025-08-05

Azure API Management Adds MCP Support in v2 SKUs and External Server Integrationanishta reports on key Azure API Management updates, including public preview MCP support in v2 SKUs and streamlined governance for external MCP-compliant servers, helping organizations connect APIs and AI agents...

Microsoft Tech Community 2025-08-05

Elevate Your Protection with Expanded Microsoft Defender Experts CoverageAuthored by Henry Yan and Sylvie Liu, this post introduces new 24/7, expert-driven protections from Microsoft Defender Experts for protecting cloud workloads, including support for multicloud environments.

Microsoft Security Blog 2025-08-05

What’s New in Copilot Studio: July 2025 Feature RoundupIn this comprehensive roundup, stclarke highlights major new capabilities added to Microsoft Copilot Studio in July 2025, focusing on AI-powered agent creation, secure data integration, and robust analytics and admin...

Microsoft News 2025-08-05

General Availability of Azure Monitor Auxiliary Logs, New Features, and Price ReductionAdiBiran outlines Azure Monitor Auxiliary Logs’ general availability, new features, and lower pricing, highlighting enhancements in querying, data transformations, and large-scale log management for Microsoft customers.

Microsoft Tech Community 2025-08-05

What’s New in Fabric Warehouse – July 2025: AI, Performance, and Modern Data EngineeringThis comprehensive recap from the Microsoft Fabric Blog details July 2025’s new features and enhancements for Fabric Warehouse, including AI integration, security, performance improvements, and developer tools, making it relevant...

Microsoft Fabric Blog 2025-08-05

Automate Open-Source Dependency Scanning in Azure DevOps with Advanced SecurityLaura Jiang explores automating open-source dependency scanning in Azure DevOps with GitHub Advanced Security, focusing on setup, integration, and how results are surfaced for developers.

Microsoft DevBlog 2025-08-04

What’s New in Azure AI Foundry: July 2025 Releases and UpdatesAuthored by Nick Brady, this post highlights the July 2025 updates to Azure AI Foundry, including Deep Research Agent, GPT-image-1 model improvements, agent tools, and platform and security features for...

Microsoft DevBlog 2025-08-04

The new Dependabot NuGet updater: 65% faster with native .NETJamie Magee and Brett Forsgren share how Dependabot’s revamped NuGet updater uses .NET’s own tooling to bring faster, more reliable, and more secure dependency updates to developers.

Microsoft .NET Blog 2025-08-04

Microsoft Entra Suite Delivers 131% ROI Through Unified Identity and Network AccessIrina Nechaeva reports on a Forrester study showing that organizations using Microsoft Entra Suite achieved a 131% ROI by improving identity and network access security.

Microsoft Security Blog 2025-08-04

Fabric Platform Ends Support for TLS 1.1 and EarlierMicrosoft Fabric Blog announces the end of support for TLS 1.1 and earlier on the Fabric platform. Authors provide key migration steps and security implications for organizations relying on Fabric...

Microsoft Fabric Blog 2025-08-04

Russian Threat Actor Secret Blizzard's AiTM Campaign Targets Diplomats with ApolloShadow Malwarestclarke presents an in-depth look at Microsoft’s findings on the Russian state actor Secret Blizzard’s AiTM attack on diplomats in Moscow, revealing their use of ApolloShadow malware, attack flow, and...

Microsoft News 2025-07-31

Modernize Your Identity Defense with Microsoft Identity Threat Detection and ResponseEric Sachs and Yaron Paryanty discuss Microsoft’s integrated approach to identity threat detection and response, providing actionable insights for strengthening identity security.

Microsoft Security Blog 2025-07-31

Experience the New Visual SQL Audit Logs Configuration in Fabric WarehouseMicrosoft Fabric Blog introduces a new visual experience for configuring SQL Audit Logs in Fabric Data Warehouse, detailing improved audit management and compliance flexibility for data professionals.

Microsoft Fabric Blog 2025-07-31

Azure SDK Release Highlights and Updates for July 2025Ronnie Geraghty summarizes the key updates in the July 2025 Azure SDK release, detailing new features, bug fixes, stable and beta releases for languages like Python, .NET, and more.

Microsoft DevBlog 2025-07-31

A Practical Guide to Using the GitHub MCP Server for Automated AI WorkflowsAndrea Griffiths explores the migration from a local MCP Docker image to GitHub’s managed MCP server, streamlining authentication, automation, and security-focused AI workflows with GitHub Copilot integration.

The GitHub Blog 2025-07-30

Fabric July 2025 Feature SummaryThis article by Microsoft Fabric Blog offers a comprehensive summary of July 2025’s new features in Microsoft Fabric, authored by Patrick LeBlanc. Key updates span data science, governance, Power BI,...

Microsoft Fabric Blog 2025-07-30

Spotlight-based macOS TCC Vulnerability CVE-2025-31199: Analysis by Microsoft Threat IntelligenceIn this technical breakdown by Microsoft Threat Intelligence, authors Jonathan Bar Or, Alexia Wilson, and Christine Fossaceca uncover and analyze the new macOS Spotlight-based TCC vulnerability, CVE-2025-31199, and discuss its...

Microsoft Security Blog 2025-07-28

How to Build Secure and Scalable Remote MCP ServersAuthored by Den Delimarsky, this article offers a thorough walkthrough for developers on building secure, scalable MCP servers. It focuses on robust security, authorization, secrets management, and architectural practices needed...

The GitHub Blog 2025-07-25

How to Streamline GitHub API Calls in Azure Pipelines Using a Custom DevOps ExtensionWritten by Tiago Pascoal, this post details how to build a custom Azure DevOps extension for secure, efficient, and centralized authentication with GitHub APIs from Azure Pipelines, streamlining automation and...

The GitHub Blog 2025-07-24

We Need a European Sovereign Tech Fund to Sustain Open Source SoftwareAuthored by Felix Reda, this article calls for greater public investment in open source software through a proposed European Sovereign Tech Fund, highlighting GitHub’s policy efforts and recommendations to address...

The GitHub Blog 2025-07-23

MCP C# SDK Updated: Protocol 2025-06-18 Brings Elicitation, Structured Output, and Enhanced SecurityIn this post, Mike Kistler presents the major update for the MCP C# SDK, introducing support for protocol version 2025-06-18. The release offers .NET developers new features such as elicitation,...

Microsoft .NET Blog 2025-07-22

Mitigating Active Exploitation of On-Premises SharePoint VulnerabilitiesMicrosoft Threat Intelligence reports on recent attacks exploiting SharePoint vulnerabilities, with actionable defense steps for organizations. This summary highlights author guidance for defenders and SharePoint administrators facing these advanced threats....

Microsoft Security Blog 2025-07-22

Microsoft Sentinel Data Lake: Unifying Security Signals and Driving AI AdoptionScott Woodgate and Krishna Kumar Parthasarathy introduce a new data lake for Microsoft Sentinel, enhancing unified security data management, AI-driven insights, and affordability for security teams.

Microsoft Security Blog 2025-07-22

Microsoft at Black Hat USA 2025: A Unified Approach to Modern Cyber DefenseIn this announcement, author Elliot Volkman shares Microsoft’s plans for Black Hat USA 2025, focusing on AI-driven, unified security solutions. Learn what to expect and how to connect with Microsoft...

Microsoft Security Blog 2025-07-18

Microsoft Defender for Office 365: Transparent Benchmarks on Email Security EffectivenessRamya Chitrakar and Scott Woodgate present Microsoft’s latest efforts to make email security performance more transparent, including dashboards and benchmarking reports for Defender for Office 365 and comparisons with other...

Microsoft Security Blog 2025-07-17

Microsoft Azure AI Foundry Models and Security Copilot Achieve ISO/IEC 42001:2023 CertificationIn this post, Molly Bostic announces Microsoft’s ISO/IEC 42001:2023 certification for Azure AI Foundry Models and Microsoft Security Copilot, detailing the implications for responsible AI, security, and compliance efforts.

The Azure Blog 2025-07-17

Microsoft Named a Leader in Gartner's 2025 Magic Quadrant for Endpoint ProtectionRob Lefferts shares Microsoft’s achievement as a Leader in the 2025 Gartner Magic Quadrant for Endpoint Protection Platforms, recognizing Defender for Endpoint’s effectiveness against advanced cyberthreats.

Microsoft Security Blog 2025-07-16

How to Catch GitHub Actions Workflow Injections Before Attackers DoIn this article, Dylan Birtolo addresses strategies for detecting and mitigating GitHub Actions workflow injections, offering practical guidance on boosting repository security.

The GitHub Blog 2025-07-16

Configure internet access for Copilot coding agentIn this article, Allison discusses new updates to GitHub Copilot, specifically focusing on changes to its internet access during the public preview phase. The updates aim to better protect user...

The GitHub Blog 2025-07-16

Databricks Runs Best on Azure: Performance, Integration, and AI SynergyIn this post, Jason Pereira and Anavi Nahar outline how Azure Databricks delivers a streamlined, high-performance environment for analytics and AI, leveraging tight integration with the Microsoft ecosystem.

The Azure Blog 2025-07-15

Security Copilot capabilities in Microsoft Intune and Entra now generally availableIn this article, author stclarke discusses the general availability of Security Copilot capabilities within Microsoft Intune and Microsoft Entra. The announcement highlights how these integrations bring enhanced AI-driven security automation,...

Microsoft News 2025-07-14

Microsoft Expands Zero Trust Workshop: Network, Infrastructure, and SecOps Now IncludedIn this article, Rob Lefferts explains Microsoft’s expanded Zero Trust workshop, now featuring guidance on network, infrastructure, and SecOps pillars to help organizations enhance their security posture and operational workflows....

Microsoft Security Blog 2025-07-09

July Patches for Azure DevOps Server Now AvailableAuthored by Gloridel Morales, this post announces July patches for Azure DevOps Server, highlighting key fixes and steps for users to ensure secure and updated deployments.

Microsoft DevBlog 2025-07-09

.NET and .NET Framework July 2025 Servicing Releases UpdatesAuthored by Tara Overfield and Victor Israel-Bolarinwa, this article outlines the latest servicing updates released for .NET and .NET Framework in July 2025.

Microsoft .NET Blog 2025-07-08

New e-book teaches how to build an AI-powered security operations centerIn this article, stclarke discusses the release of a new e-book that serves as a comprehensive guide for building an AI-powered security operations center (SOC).

Microsoft News 2025-07-07

Automating Secure and Scalable AI Deployments on Azure with HashiCorpWritten by cindywang and davidwright, this article delves into automating secure and scalable AI deployments using HashiCorp and Azure, highlighting infrastructure-as-code, security, and operational best practices.

Microsoft DevBlog 2025-07-04

Join Us for MCP Dev Days – July 29-30: Deep Dive into the Model Context ProtocolAuthored by Katie Savage and Marc Baiza, this post introduces MCP Dev Days, a Microsoft event dedicated to the Model Context Protocol (MCP), offering deep technical content, hands-on sessions, and...

Microsoft DevBlog 2025-07-02

Jasper Sleet - North Korean remote IT workers’ evolving tactics to infiltrate organizationsIn this article, stclarke discusses the latest strategies employed by North Korean remote IT workers aiming to infiltrate organizations globally.

Microsoft News 2025-07-01

Building Secure, Scalable Generative AI in the Cloud with Microsoft AzureMaria Bledsoe discusses Forrester Research findings on how Microsoft Azure enables enterprises to securely and efficiently scale generative AI, highlighting the platform’s security, compliance, and data management capabilities.

The Azure Blog 2025-07-01

Removing Azure Resource Manager Reliance on Azure DevOps Sign-insAngel Wong announces important authentication updates for Azure DevOps, moving away from Azure Resource Manager dependence for Entra sign-ins. This guide helps administrators prepare for the coming changes in Conditional...

Microsoft DevBlog 2025-06-25

IDC Study: 306% ROI in 3 Years Migrating Ubuntu Linux Workloads to Microsoft AzureOmar Khan reviews IDC’s findings on the impact of running Ubuntu workloads on Microsoft Azure, detailing ROI, cost savings, and productivity.

The Azure Blog 2025-06-20

Announcing General Availability of GitHub Copilot for Azure—Now with Agent ModeYun Jung Choi introduces the general availability of GitHub Copilot for Azure, highlighting its new Agent Mode that transforms DevOps workflows with integrated AI, enhanced security, and rich Azure support....

Microsoft DevBlog 2025-06-19

Maximize Your ROI for Azure OpenAI: Pricing, Deployment, and Cost Optimization StrategiesIn this article, Steve Sweetman explores maximizing returns with Azure OpenAI by reviewing flexible pricing, deployment types, cost-saving features, and integration across the Azure AI ecosystem.

The Azure Blog 2025-06-18

Securely Turbo‑Charge Software Delivery with Codex Coding Agent on Azure OpenAIIn this detailed guide, Govind Kamtamneni explains how to run the Codex Coding Agent securely on Azure OpenAI. He covers setup, enterprise security benefits, automation via GitHub Actions, and troubleshooting...

Microsoft DevBlog 2025-06-18

Security and Trust in Visual Studio Marketplace: Safeguarding Extensions for DevelopersAuthored by Sean, this article delivers a comprehensive overview of efforts to ensure extension security and developer trust in the Visual Studio Marketplace, outlining both current safeguards and planned investments....

Microsoft DevBlog 2025-06-12

June Patches Released for Azure DevOps Server 2022.2: Improvements & Important UpdatesGloridel Morales announces the June patches for Azure DevOps Server 2022.2, highlighting Test Plans enhancements and addressing an ongoing issue with Patch 6, along with installation recommendations and verification steps....

Microsoft DevBlog 2025-06-10

Restricting PAT Creation in Azure DevOps Preview: New Granular Controls for AdministratorsWritten by Angel Wong, this article explores the new preview policy in Azure DevOps to restrict personal access token creation. It details how organizations can reduce PAT usage and strengthen...

Microsoft DevBlog 2025-06-05

Microsoft and LangChain: Advancing AI Security for Open Source on AzureAuthored by Marlene Mhangami, this article examines Microsoft’s partnership with LangChain to bolster AI security for open-source developers on Azure. The collaboration addresses integration risks while ensuring enterprises can safely...

Microsoft DevBlog 2025-06-05

Azure SDK Release Highlights and Notes for May 2025Written by Ronnie Geraghty, this overview summarizes the Azure SDK May 2025 release, detailing new features, stable and beta libraries for multiple programming languages, and links to comprehensive release notes....

Microsoft DevBlog 2025-06-03

GitHub Secret Protection and Code Security Now Available for Azure DevOpsLaura Jiang introduces the new standalone GitHub Secret Protection and GitHub Code Security products for Azure DevOps, highlighting their features, pricing structure, and steps for implementation within organizations.

Microsoft DevBlog 2025-06-02

Connect Once, Integrate Anywhere: Model Context Protocol (MCP) for AI IntegrationIn this article, Maria Naggaga details the Model Context Protocol (MCP), outlining its impact on AI integration and developer productivity, with insights on leveraging GitHub Copilot, Visual Studio, Azure API...

Microsoft DevBlog 2025-05-21

Azure MCP Server – May 2025 Release: New Integrations and FeaturesRohit Ganguly presents the May 2025 release of Azure MCP Server, focusing on new service integrations, improved documentation, and tools for developers, including collaboration with GitHub Copilot for Azure.

Microsoft DevBlog 2025-05-20

Azure Toolkit for IntelliJ Brings Enhanced Java Code Quality Analyzer for Azure SDK DevelopmentSameeksha Vaity details the latest enhancements to the Azure Toolkit for IntelliJ, highlighting a powerful Java Code Quality Analyzer aimed at improving code quality, security, and performance for developers working...

Microsoft DevBlog 2025-04-18

PowerShell, OpenSSH, and DSC Team Investments for 2025: Security, Integrations, and Community PrioritiesSteve Lee shares an in-depth look at the planned investments for PowerShell, OpenSSH, and Desired State Configuration (DSC) in 2025, emphasizing security, community input, and modernization across Microsoft’s open tooling...

Microsoft PowerShell Blog 2025-04-14

Introducing Spring Cloud Azure Starter Key Vault JCA for Streamlined TLS and mTLS in Spring BootMoary Chen introduces the Spring Cloud Azure Starter Key Vault JCA, showing how to streamline TLS and mTLS for Spring Boot using Azure Key Vault for secure certificate management.

Microsoft DevBlog 2025-04-11

Azure Developer CLI (azd) – March 2025 Release: New Features, Bug Fixes, and Updated TemplatesAuthored by Kristen Womack, this news post details the March 2025 Azure Developer CLI (azd) release, covering notable new features, bug fixes, contributions on templates, and enhanced support for AI...

Microsoft DevBlog 2025-03-07

Finding Leaked Passwords with AI: Building GitHub Copilot Secret ScanningAuthored by Ashwin Mohan, this post delves into the creation and refinement of GitHub Copilot secret scanning, highlighting the AI-powered approach to detecting passwords and managing security alerts for developers...

GitHub Engineering Blog 2025-03-04

Common Annotated Security Keys: Enhancing Token Format Security with CASK at Microsoft and GitHubIn this article, Michael C. Fanning details how GitHub and Microsoft are advancing secure secret management through the Common Annotated Security Standard (CASK), outlining its technical features and its role...

Microsoft DevBlog 2024-09-25

Security Update: Changes to URI Expiry Time in Azure Notification HubsAuthored by Sreehari R, this update details upcoming changes to Azure Notification Hubs’ URI expiry policy, focusing on improved security and guidance for users.

Microsoft DevBlog 2024-09-25