Browse All News (744)

Natalie Guevara summarizes GitHub’s April 2026 availability incidents, including outages and degradations affecting code search, audit logs, Copilot services, Pages, Codespaces, Actions, and other platform features, with root causes and concrete follow-up actions to improve detection, resilience, and recovery.

Sunitha Muthukrishna announces a public preview feature in Microsoft Fabric API for GraphQL that lets you enforce custom authorization rules via an Authorizer User Data Function, enabling policy-based access decisions using request context like user identity, roles, and tenant information.

Imran Siddique and Shawn Henry explain how Microsoft Agent Framework and the Agent Governance Toolkit (AGT) fit together to run AI agents safely in production, with deterministic runtime policy checks, budget enforcement, and end-to-end auditability across local and cross-boundary (A2A) agent interactions.

Allison outlines upcoming GitHub Actions hosted runner image migrations, including GitHub taking over Arm64 runner image maintenance, a Windows runner move to Visual Studio 2026, and the macos-latest label shifting to macOS 26 with guidance on pinning specific images.

Gloridel Morales announces the May 2026 patch releases for Azure DevOps Server and lists the patched versions with download links and release notes, plus a quick command to verify whether a patch is installed on your server.

Allison announces a technical preview of the GitHub Copilot app, a GitHub-native desktop experience for running focused, isolated agentic coding sessions from issues and pull requests, then validating changes and landing them through normal PR review and checks.

Alyssa Ofstein and Elliot H Omiya explain how defense in depth needs to adapt for autonomous AI agents, focusing on application-layer controls that bound what agents can do, how they get permissions, when humans must approve actions, and how identity makes agent behavior auditable.

Natalie Guevara explains how the GitHub Issues team made navigation feel instant by shifting work to the client: an IndexedDB-backed cache with stale-while-revalidate, a “preheating” strategy to raise cache-hit rates without flooding the backend, and a service worker that accelerates Turbo and hard navigations.

Ronnie Geraghty announces the GA (stable) release of the Azure SDK for Rust, covering the now-stable core, identity, Key Vault, and Storage crates. The post highlights API stability and semver guarantees, improved paging and long-running operations primitives, built-in resilience, and OpenTelemetry-based observability, with a quickstart example for authenticating and listing blobs.

Jim Harrer announces the VSLive! Microsoft AI Hackathon 2026 at Microsoft HQ in Redmond, a hands-on evening build event designed to help teams ship real prototypes using Azure OpenAI, Azure AI Foundry, GitHub Copilot, and agent-based patterns, with judging criteria that emphasize architecture, security, and practical value.

stclarke summarizes SAP Sapphire 2026 announcements focused on running SAP workloads on Azure and moving enterprise AI from pilots to production, including Azure OpenAI + Copilot Studio scenarios, Microsoft Fabric connectivity to SAP data, sovereign cloud options for regulated industries, and Sentinel-based monitoring for SAP landscapes.

Microsoft Defender Security Research Team and Yossi Weizman break down real-world “exploitable misconfigurations” in cloud-native AI apps—especially Kubernetes deployments where exposed services and weak auth can lead to RCE, credential theft, and data leaks—and show what to harden and what Defender for Cloud can detect.

Allison announces that GitHub Copilot’s cloud agent now supports Auto model selection, letting Copilot pick the best available model based on system health and performance, with a discounted model multiplier and no weekly rate-limit impact.

The Visual Studio Code Team shares the 1.121 (Insiders) release notes, covering Copilot Chat and agent terminal improvements, model picker updates, terminal output compression for common dev tools, SSH authentication enhancements, and a newer bundled ConPTY on Windows.

Allison announces updates to GitHub Copilot for JetBrains IDEs, including a public preview of the Copilot CLI agent inside the IDE, a unified sessions view for tracking agent runs, and new agent-mode capabilities like an Ask question tool and global custom agent configuration.

Adam Sitnik details the biggest update to System.Diagnostics.Process in years, introducing new .NET 11 APIs for starting processes, capturing stdout/stderr without deadlocks, controlling handle inheritance and redirection, and managing process lifetimes, with benchmarks showing reduced allocations and better scalability across Windows, Linux, and Apple platforms.

Allison announces a public preview REST API that lets GitHub Apps detect whether they’re installed on an enterprise and retrieve the enterprise installation ID, making it faster to obtain an enterprise installation token without paging through all installations.

Shreyas Canchi Radhakrishna announces a preview update to Microsoft Fabric Data Agent that expands how it can query Eventhouse KQL databases by understanding user-defined functions, materialized views, and shortcut tables, improving consistency, performance, and access to external data sources.

Allison announces a public preview REST API that lets Copilot Business and Copilot Enterprise customers start and track Copilot cloud agent tasks programmatically, enabling custom automations that fan out work across repos and open pull requests with validated changes.

David Ortinau explains the .NET 11 Preview 4 change that makes CoreCLR the default runtime for .NET MAUI apps on Android, iOS, and Mac Catalyst, and what developers should test as they validate the transition.

Roberto Cervantes Rivero announces a preview feature in Microsoft Fabric: Eventstream can now publish Business Events directly to Real-Time Hub as a native destination. The post explains what Business Events are (schema-defined, governed signals), when no-code publishing fits, and when custom code via notebooks or user data functions is still needed.

Allison announces the GitHub Enterprise Server (GHES) 3.21 release candidate, highlighting updates for enterprise admins and platform teams across governance, GitHub Projects, REST API versioning, GitHub Actions workflow UI performance, secret scanning permissions, and storage configuration for MySQL and repository data.

Iqra Shaikh explains why treating database schema changes like application code—stored in Git and shipped via pull requests—reduces risk and improves traceability, and how SQL Database in Microsoft Fabric supports this workflow with built-in Git integration for GitHub and Azure DevOps.

Amir Jafari announces preview support for service principal (SPN) authentication for Microsoft Fabric data agents, explaining why app identities matter for production deployments and outlining two common patterns: calling a data agent directly from a custom app, or routing through a Microsoft Foundry agent.

Simona Liao introduces Agent Skills in Visual Studio, a way to package reusable, task-specific instructions so Copilot agents can follow your team’s workflows and standards. The post shows how to create and manage skills in the IDE or from your repo, and when to use skills versus custom instructions.

Satya Nadella shares an update on Microsoft’s multi-model agentic security system, which uses 100+ specialized agents across frontier and custom models to find exploitable bugs, topped the CyberGym benchmark, and helped identify and fix 16 vulnerabilities ahead of Patch Tuesday, with a private preview now available.

.NET Team announces .NET 11 Preview 4 and highlights what’s new across the runtime, SDK, libraries, ASP.NET Core, .NET MAUI, C#, and Entity Framework Core, with links to detailed release notes and guidance on installing the preview SDK.

Taesoo Kim announces MDASH, Microsoft Security’s multi-model agentic scanning harness, and explains how it uses specialized AI agents to find, validate, and prove vulnerabilities end-to-end. The post shares benchmark results, details 16 Patch Tuesday CVEs found in Windows networking/auth components, and includes two technical deep dives.

Taesoo Kim introduces MDASH, Microsoft’s multi-model agentic scanning harness, and explains how it’s being used to find and validate real Windows vulnerabilities end-to-end. The post breaks down the pipeline stages (prepare/scan/validate/dedup/prove), shares benchmark results, and details 16 Patch Tuesday CVEs plus two technical deep dives.

stclarke summarizes Microsoft and Red Hat’s Red Hat Summit 2026 updates for Azure Red Hat OpenShift, focusing on running modern apps and production AI with enterprise governance. It highlights OpenShift Virtualization for VM-to-Kubernetes migration, identity and confidential computing features, GPU-backed AI workloads, and expanded regional availability.

Allison announces improvements to GitHub Copilot code review comments in pull requests, aimed at making feedback easier to scan and act on with severity labels and grouped suggestions to reduce repetitive noise.

Allison announces that April usage reports are now available so GitHub Copilot admins and individual users can estimate how activity maps to AI credits ahead of the June 1 move to usage-based billing, including known gaps and data-quality issues in the report.

Rahul Bhandari (MSFT) and Tara Overfield recap the May 2026 servicing releases for .NET and .NET Framework, including security and non-security fixes, the CVEs addressed, and where to find release notes, installers, container images, Linux packages, and known issues.

Allison summarizes what’s new in CodeQL 2.25.4 for GitHub code scanning, including Swift 6.3.1 support, improved C# and ASP.NET taint-flow modeling, expanded Java/Kotlin query sanitizers to reduce false positives, and new data-flow barrier extensions to tune results across many languages.

Natalie Guevara announces updates to GitHub Copilot’s individual plans ahead of the June 1, 2026 move to usage-based billing, including new “flex allotments” for Pro and Pro+ and a new Max plan for higher-volume usage.

Matt Basile introduces OneLake storage tiers and lifecycle management in Microsoft Fabric (preview), explaining how admins can reduce long-term storage costs by automatically moving files between hot, cool, and cold tiers while accounting for the trade-off of higher transaction, retrieval, and capacity (CU) costs.

Ambika Jagadish announces a preview feature in Microsoft Fabric Warehouse that lets teams configure how many days of historical data versions are retained (1–120 days) using a single T-SQL command, enabling time travel queries, point-in-time clones, restore points, and warehouse snapshots.

samkemp announces Foundry Local 1.1.0, adding on-device live speech transcription, text embeddings for semantic search/RAG, and an Open Responses API client for streaming, tool calling, and vision. The post also covers WebGPU as an optional plugin, smaller JavaScript packages, and broader .NET compatibility for the C# SDK.

Allison announces the deprecation of GitHub’s synchronous SBOM REST endpoint and explains how to migrate scripts and integrations to the newer asynchronous SBOM report generation flow ahead of the November 13, 2026 removal date.

Kumar Srinivasamurthy outlines how modern DDoS campaigns have shifted toward multi-vector and application-layer abuse, and shares a defense-in-depth approach for keeping consumer-facing services usable under sustained attack, including edge filtering, resilient architecture, and planned graceful degradation.