Microsoft Security Blog
Your source for the latest in cybersecurity
Microsoft Security success stories: Why integrated security is the foundation of AI transformation
Discover how Ford, Icertis, and TriNet modernized security with Microsoft—embedding Zero Trust, automating defenses, and enabling secure AI innovation at scale.
Introducing the Microsoft Defender Experts Suite: Elevate your security with expert-led services
Announcing Microsoft Defender Experts Suite, a integrated set of expert-led services that helps security teams keep pace with modern cyberattacks.
Threat intelligence
-
Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations
Microsoft’s investigation into RedVDS services and infrastructure uncovered a global network of disparate cybercriminals purchasing and using to target multiple sectors. -
Phishing actors exploit complex routing and misconfigurations to spoof domains
Threat actors are exploiting complex routing scenarios and misconfigured spoof protections to send spoofed phishing emails, crafted to appear as internally sent messages. -
Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components
CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server Components and related frameworks.
Stay ahead of threats
Get expert insights, threat intelligence, and the latest cybersecurity reports from Security Insider.
AI and machine learning
-
New Microsoft Data Security Index report explores secure AI adoption to protect sensitive data
The 2026 Microsoft Data Security Index explores one of the most pressing questions facing organizations today: How can we harness the power of generative while safeguarding sensitive data? -
From runtime risk to real‑time defense: Securing AI agents
Why securing AI agents at runtime is essential as attackers find new ways to exploit generative orchestration. -
Microsoft Security success stories: Why integrated security is the foundation of AI transformation
Discover how Ford, Icertis, and TriNet modernized security with Microsoft—embedding Zero Trust, automating defenses, and enabling secure AI innovation at scale.
Modernize your security operations center
Confidently secure your multicloud, multiplatform environment with Microsoft Sentinel – a cloud-native security information and event management (SIEM) solution.
Latest posts
-
New Microsoft Data Security Index report explores secure AI adoption to protect sensitive data
The 2026 Microsoft Data Security Index explores one of the most pressing questions facing organizations today: How can we harness the power of generative while safeguarding sensitive data? -
Microsoft announces the 2026 Security Excellence Awards winners
Congratulations to the winners of the 2026 Microsoft Security Excellence Awards that recognize the innovative defenders who have gone above and beyond. -
Security strategies for safeguarding governmental data
Discover key strategies and leadership insights to help government agencies protect sensitive data and strengthen overall cybersecurity resilience. -
From runtime risk to real‑time defense: Securing AI agents
Why securing AI agents at runtime is essential as attackers find new ways to exploit generative orchestration. -
Microsoft Security success stories: Why integrated security is the foundation of AI transformation
Discover how Ford, Icertis, and TriNet modernized security with Microsoft—embedding Zero Trust, automating defenses, and enabling secure AI innovation at scale. -
Resurgence of a multi‑stage AiTM phishing and BEC campaign abusing SharePoint
Microsoft Defender Researchers uncovered a multi‑stage AiTM phishing and business email compromise (BEC) campaign targeting multiple organizations in the energy sector.