Microsoft Security Blog
Your source for the latest in cybersecurity
80% of Fortune 500 use active AI Agents: Observability, governance, and security shape the new frontier
Read Microsoft’s new Cyber Pulse report for straightforward, practical insights and guidance on new cybersecurity risks.
The security implementation gap: Why Microsoft is supporting Operation Winter SHIELD
Most security incidents happen in the gap between knowing what matters and actually implementing security controls consistently.
Microsoft announces the 2026 Security Excellence Awards winners
Congratulations to the winners of the 2026 Microsoft Security Excellence Awards that recognize the innovative defenders who have gone above and beyond.
Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations
Microsoft’s investigation into RedVDS services and infrastructure uncovered a global network of disparate cybercriminals purchasing and using to target multiple sectors.
Threat intelligence
-
Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations
Microsoft’s investigation into RedVDS services and infrastructure uncovered a global network of disparate cybercriminals purchasing and using to target multiple sectors. -
Phishing actors exploit complex routing and misconfigurations to spoof domains
Threat actors are exploiting complex routing scenarios and misconfigured spoof protections to send spoofed phishing emails, crafted to appear as internally sent messages. -
Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components
CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server Components and related frameworks.
Stay ahead of threats
Get expert insights, threat intelligence, and the latest cybersecurity reports from Security Insider.
AI and machine learning
-
80% of Fortune 500 use active AI Agents: Observability, governance, and security shape the new frontier
Read Microsoft’s new Cyber Pulse report for straightforward, practical insights and guidance on new cybersecurity risks. -
Manipulating AI memory for profit: The rise of AI Recommendation Poisoning
That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends. -
A one-prompt attack that breaks LLM safety alignment
As LLMs and diffusion models power more applications, their safety alignment becomes critical.
Modernize your security operations center
Confidently secure your multicloud, multiplatform environment with Microsoft Sentinel – a cloud-native security information and event management (SIEM) solution.
Latest posts
-
80% of Fortune 500 use active AI Agents: Observability, governance, and security shape the new frontier
Read Microsoft’s new Cyber Pulse report for straightforward, practical insights and guidance on new cybersecurity risks. -
Manipulating AI memory for profit: The rise of AI Recommendation Poisoning
That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends. -
A one-prompt attack that breaks LLM safety alignment
As LLMs and diffusion models power more applications, their safety alignment becomes critical. -
Analysis of active exploitation of SolarWinds Web Help Desk
We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain compromise; here is how to patch, hunt, and mitigate now. -
New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan
CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger. -
The security implementation gap: Why Microsoft is supporting Operation Winter SHIELD
Most security incidents happen in the gap between knowing what matters and actually implementing security controls consistently.