World Passkey Day: Advancing passwordless authentication
This World Passkey Day, read how Microsoft is advancing passkey adoption to replace passwords, cut phishing risk, and deliver simpler, more secure sign-ins. ...
Microsoft Security Blog
11 articles
Microsoft named an overall leader in KuppingerCole Analyst’s 2026 Emerging AI Security Operations Center (SOC) report
Microsoft is excited to be named an Overall Leader, and the Market Leader in the Kuppinger Cole Analyst’s 2026 Emerging AI Security Operations Center (SOC) r...
ClickFix campaign uses fake macOS utilities lures to deliver infostealers
Threat actors are targeting macOS users with fake utility fixes that trick them into running malicious Terminal commands. This campaign evades traditional de...
Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
Microsoft Defender Research observed a large-scale credential theft campaign that exemplifies this trend, using code of conduct-themed lures, a multi-step at...
CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments
A high-severity Linux vulnerability, “Copy Fail” (CVE-2026-31431), enables root privilege escalation across cloud environments and Kubernetes workloads. With...
Microsoft Agent 365, now generally available, expands capabilities and integrations
Today we’re announcing the general availability of Agent 365, plus previews of new capabilities to discover and manage shadow AI agents, including local age...
What’s new, updated, or recently released in Microsoft Security
Stay ahead of emerging threats with Microsoft’s newest security innovations and updates, delivered through the In the Loop series. The post What’s new, updat...
Email threat landscape: Q1 2026 trends and insights
In early 2026, email threats increased with a rise in credential phishing, QR code phishing, and CAPTCHA-gated campaigns, highlighted by Microsoft’s disrupti...
8 best practices for CISOs conducting risk reviews
Embracing strong proactive security is something we can all do to mitigate our increased exposure to security threats. The post 8 best practices for CISOs co...
Simplifying AWS defense with Microsoft Sentinel UEBA
Learn how Microsoft Sentinel UEBA helps defenders distinguish benign AWS activity from attacker behavior by enriching raw CloudTrail logs with clear, binary ...
AI-powered defense for an AI-accelerated threat landscape
Read how Microsoft is partnering with Anthropic and broader industry to use leading models, paired with our platforms and expertise, to turn AI-driven discov...