Securing CI/CD in an agentic world: Claude Code Github action case
Microsoft Threat Intelligence identified a prompt injection pathway in Claude Code GitHub Action that allowed access to workflow secrets under specific conditions.
Refine results
Content Type
Topic
Threat intelligence
Products and services
Publish date
-
-
Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us
A surge in real-world attacks against agentic AI systems is reshaping how we think about risk. -
Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign
A large-scale npm supply chain attack compromised over 90 versions of @redhat-cloud-services packages, silently infecting CI/CD environments and developer systems. -
Microsoft Build 2026: Securing code, agents, and models across the development lifecycle
Discover how Microsoft enables fast, secure AI development with MDASH and new security capabilities. Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
-
Malicious npm packages abuse dependency confusion to profile developer environments
A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. -
Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection
Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection. -
Typosquatted npm packages used to steal cloud and CI/CD secrets
The Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. -
The Gentlemen ransomware: Dissecting a self-propagating Go encryptor
Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by affiliates of Storm-2697 that combines per-file ephemeral key encryption with an aggressive self-propagation module to deploy itself across an entire network using series of simultaneous lateral movement techniques per target. Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
-
From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities
Microsoft exposes a cryptojacking campaign using SEO poisoning and ScreenConnect to target high-performance PCs, with malicious sites also surfaced through AI chatbots. -
Microsoft recognized as a Leader in The Forrester Wave™ for Workforce Identity Security Platforms
Microsoft has been recognized as a Leader in The Forrester Wave™: Workforce Identity Security Platforms, Q2 2026, receiving the highest scores in both the current offering and strategy categories. -
From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence
A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence server for credential theft and identity compromise. -
Microsoft Security success stories: How St. Luke’s and ManpowerGroup are securing AI foundations
How Frontier firms secure AI at scale: read how Microsoft customers embed governance, identity, and cloud security to make protection an enabler of AI growth.
