Browse Security News (292)

Allison announces GitHub Enterprise Server (GHES) 3.21 general availability, highlighting updates for enterprise admins including organization custom properties for targeting rulesets, GitHub Projects hierarchy view, a new REST API version with breaking changes, GitHub Actions workflow page performance improvements, secret scanning governance updates, and multi-disk storage configuration.
Allison announces an update to GitHub Actions where pull requests opened by github-actions[bot] can run CI/CD workflows after a user with write access approves them, reducing the risk of merging untested bot changes while keeping a security gate for workflows that can access sensitive data.
Natalie Guevara explains how GitHub improved secret scanning alert quality by adding LLM-based contextual verification, reducing false positives while keeping detection coverage. The post breaks down where verification fits in the pipeline, what “better context” means in practice, and the measured impact on customer-confirmed false positive alerts.
Allison announces that GitHub Agentic Workflows can now authenticate using GitHub Actions’ built-in GITHUB_TOKEN instead of a personal access token, reducing the risk of long-lived credentials and enabling organization-level billing for Copilot CLI usage in agentic workflows.
Laura Jiang announces Copilot Autofix in limited private preview for GitHub Advanced Security for Azure DevOps, which generates suggested fixes for supported CodeQL alerts and turns them into pull requests. The post explains what’s covered in preview, how the workflow fits into existing review gates, and how usage is billed via Azure.
analyticanna introduces Rayfin (Preview), an open-source SDK and CLI for turning content like markdown into shareable, hosted sites deployed as first-class items in Microsoft Fabric, with stable URLs, workspace-based access control, and data captured into a SQL database in Fabric for use across OneLake workloads.

Turn specs into evals for any agent with ASSERT

Mehrnoosh Sameki, Sandeep Atluri, Minsoo Thigpen and Abby Palia introduce ASSERT, an open-source framework that turns natural-language behavior requirements into executable evaluation pipelines for AI models and agents, generating taxonomies, stratified test cases, traces, and scored results that teams can inspect and iterate on.
Aaron Merrill announces a preview feature in Microsoft Fabric’s OneLake catalog that lets admins assign, edit, and remove workspace role memberships across multiple workspaces from the Secure tab, helping teams standardize access controls and reduce drift as Fabric estates scale.
Allison announces incremental CodeQL analysis for Go and C/C++ pull request scans, plus incremental support in the CodeQL CLI, with measured speedups across thousands of repositories and details on when the feature is enabled by default.
Allison announces an experimental public preview feature in GitHub Copilot CLI: a /security-review command that reviews local code changes for common vulnerability classes and returns severity- and confidence-scored findings plus actionable fixes directly in the terminal.
The Microsoft Foundry Team announces Claude Fable 5 (Anthropic) is now available in Microsoft Foundry, and explains how it’s used to power autonomous agents in Foundry Agent Service and GitHub Copilot, with an emphasis on enterprise guardrails, governance controls, and token-based pricing.
Natalie Guevara explains how to define and run custom agents in GitHub Copilot CLI so repeated terminal tasks become consistent, reviewable workflows. The article shows how agent profiles live in your repo, and includes practical examples for security audits, IaC compliance checks, release notes drafting, and incident response.
Allison announces an update to GitHub code scanning that lets organizations keep security coverage on inactive repositories by running scheduled scans when there have been no pushes or pull requests for six months or more.
Allison announces that GitHub’s security validation for third-party coding agents is now generally available, bringing the same automated checks used for the GitHub Copilot cloud agent to agent-generated pull requests.
Jon Galloway recaps Microsoft Build 2026 with the main developer announcements across GitHub Copilot, Microsoft Foundry, Azure, Windows, Visual Studio, and .NET—highlighting agentic workflows, new tooling, governance specs, and a curated set of sessions and hubs to follow up on what shipped.
Allison announces general availability of IP allow list enforcement for GitHub Enterprise Cloud Enterprise Managed Users (EMUs), extending enterprise network access policies to repositories owned under EMU user namespaces and covering web, Git, and API access.

AI brands as bait: How threat actors are using the AI hype in social engineering

Microsoft Threat Intelligence and the Microsoft Defender Security Research Team break down recent phishing and malvertising campaigns that abuse popular AI brands (including ChatGPT, Claude, DeepSeek, and Microsoft Copilot) as lures, and provide concrete mitigation steps using Microsoft Defender, Entra ID, and related security controls.
Natalie Guevara answers common beginner GitHub questions, including how to set up SSH keys, create personal access tokens (fine-grained and classic), resolve merge conflicts, undo commits, sync forks, and review pull requests—plus a quick look at using GitHub Copilot for code review in PRs.
shiv_narayanan announces general availability of SharePoint and OneDrive Shortcuts in Microsoft Fabric OneLake, explaining how Fabric can reference Microsoft 365 files in place, optionally transform supported formats into Delta tables, and use Entra ID-based identities for production authentication and scale.
Allison summarizes what’s new in CodeQL 2.25.6 for GitHub code scanning, including Swift 6.3.2 support, full extractor and data flow coverage for C# 14 and .NET 10, and query improvements that expand sensitive-data detection and reduce false positives across multiple languages.

Securing CI/CD in an agentic world: Claude Code GitHub Action case

Microsoft Defender Security Research Team, Dor Edry and Amit Eliahu break down a prompt-injection pathway in Anthropic’s Claude Code GitHub Action that could leak CI/CD secrets by reading /proc/self/environ, and provide practical hardening guidance for AI-powered GitHub Actions workflows.

Frameworks only matter when they force decisions

davidwright, Arnaud Lheureux, and Suzanne Daniels explain why architecture and governance frameworks only help when they actively change delivery decisions. Using Git-Ape as the example, they show how to turn Azure Well-Architected, Azure Policy (including NIST mappings), and CAF guidance into repeatable repo-driven assessments with prioritized findings tied to code and policy.
Microsoft AI Red Team updates its agentic AI failure-mode taxonomy based on a year of red team engagements, adding seven new categories and translating real-world attack patterns into practical mitigations teams can apply to deployed agentic systems.
WillT announces the general availability of Microsoft Fabric Operations agent, describing how it uses LLM-driven rule generation plus Real-Time Intelligence monitoring to detect issues, ask clarifying questions, and (with approval) run remediation actions like pipelines, notebooks, UDFs, and Power Automate workflows, with tracing and governance built in.
Allison announces the general availability of Enterprise Teams on GitHub Enterprise Cloud, explaining how enterprise admins can define teams once and reuse them across all organizations for consistent reviewer routing, ruleset bypass configuration, IdP-driven membership via SCIM, and API-based automation with auditing.

Graph in Fabric (Generally Available)

IgalAmster announces the general availability of Graph in Microsoft Fabric, a relationship-first graph capability that runs natively on OneLake. The post explains how explicit graph modeling and GQL queries support enterprise-scale reasoning for analytics, ontologies, and Fabric IQ scenarios, including security and impact analysis use cases.
Manoj Bableshwar introduces Foundry Managed Compute, a new Microsoft Foundry capability for deploying open-source and custom AI models on elastic GPU capacity with Foundry-managed runtimes, unified endpoints/SDKs, built-in routing for cache efficiency, and Azure-native governance, networking, and observability.
Linda Li and Maria Naggaga announce new preview capabilities in Azure AI Foundry for scaling production agents: Toolboxes features like Tool Search, Skills, Work IQ/Fabric IQ, Browser Automation, and managed MCP servers, plus Routines in Foundry Agent Service for trigger-based agent runs with governance via Guardrails.
Amanda Foster announces new Microsoft Foundry capabilities for getting AI agents into production across an enterprise: publishing Foundry agents into Microsoft 365 Copilot and Teams, a new “autopilot agent” model with its own identity, and incoming Agent-to-Agent (A2A) endpoints for cross-agent interoperability.

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Defender Security Research Team breaks down “Miasma,” a large-scale npm supply-chain compromise that abused a GitHub Actions OIDC publishing workflow to ship trojanized @redhat-cloud-services packages. It explains the multi-stage obfuscation, credential theft targets (including Azure tokens), worm-like propagation, and concrete hunting and mitigation steps.

Fabric June 2026 Feature Summary

murray-kp rounds up the June 2026 Microsoft Fabric release, covering OneLake storage lifecycle controls, expanded lineage for materialized lake views, major data agent updates (service principals, observability, NL2SQL, code interpreter), warehouse and SQL endpoint improvements, real-time intelligence enhancements, and stronger CI/CD and security options across integrations.
Rajesh Ramamurthy outlines how Microsoft is evolving Azure DevOps and GitHub for agentic development, including enterprise-scale repo migration options, new MCP-based context connectors for agents, and preview features that bring Copilot-assisted code review and CodeQL autofix into Azure DevOps workflows.
Tsuyoshi Ushio introduces azure-functions-skills (public preview), a plugin + CLI that wires AI coding agents (including GitHub Copilot CLI and VS Code) with MCP config, hooks, and playbooks to scaffold, validate, and deploy Azure Functions using current best practices like managed identity and Key Vault references.
Jay Parikh outlines Microsoft’s approach to an enterprise “agent platform” that treats AI as a production system: build agents in GitHub, ground them with Microsoft IQ, run them in Foundry, govern them with Agent 365 and the Microsoft Security stack, and continuously improve via evals, traces, tuning, and feedback loops.
FaisalMohamood summarizes Microsoft Build 2026 announcements for Fabric Data Factory, focusing on new diagnostics, secure private-network ingestion, expanded mirroring, dbt and Airflow improvements, and “agent-ready” capabilities (skills + MCP) to help teams build AI-ready data pipelines on Microsoft Fabric.
Anna Hoffman summarizes Microsoft SQL announcements from Build 2026, focused on an “agentic” database developer workflow powered by GitHub Copilot across VS Code and SSMS, plus Azure SQL Hyperscale capabilities and new security and streaming features.
Natalie Guevara introduces the GitHub Copilot app (technical preview) as a desktop control center for agentic development, covering parallel agent sessions with git worktrees, canvases for inspectable work, local and cloud sandboxes, scalable Copilot code review, and the Copilot SDK and CLI updates.
Allison announces a public preview of GitHub Copilot sandboxes, adding secure, isolated execution environments for Copilot’s tool and command runs both locally and in GitHub-hosted cloud sessions, with policy controls aimed at safer agentic workflows.
Aleš Holeček outlines Microsoft’s Build 2026 announcements for securing AI-driven software delivery, spanning agentic vulnerability discovery, developer-focused remediation workflows, governance for local and cloud agents, and model integrity checks before deployment.
tschuchman outlines what Microsoft Foundry is shipping at Build 2026 to help teams move AI agents from prototype to production, covering Agent Framework updates, Toolboxes and MCP-based tool access, hosted runtimes with memory and isolation, and an operations loop with tracing, evaluation, and optimizer-driven improvements.
