Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
Microsoft

Threat actor abuse of AI accelerates from tool to cyberattack surface

Generative AI is upgrading cyberattacks, from 450% higher phishing click‑through rates to industrialized MFA bypass. Learn ...
Microsoft

Addressing the OWASP Top 10 Risks in Agentic AI with Microsoft Copilot Studio

Agentic AI introduces new security risks. Learn how the OWASP Top 10 Risks for Agentic Applications maps to real mitigations ...
Microsoft

Applying security fundamentals to AI: Practical advice for CISOs

Read actionable advice for CISOs on securing AI, managing risk, and applying core security principles in today’s AI‑powered ...
Microsoft

AI Decision Brief: How leaders can drive Frontier Transformation

Microsoft leaders share how to drive Frontier Transformation—scaling AI for real business impact across workflows, decisions, ...
Microsoft

Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started

Microsoft Defender stopped a human-operated ransomware attack that abused Group Policy Objects (GPOs) to disable defenses and ...
Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
Microsoft

AI for nuclear energy: Powering an intelligent, resilient future

Discover how Microsoft and NVIDIA use AI and digital twins to accelerate nuclear plant permitting, design, and operations.
Microsoft

The threat to critical infrastructure has changed. Has your readiness?

Critical infrastructure faces a new threat landscape as attackers embed persistent access. Governments are enforcing stronger ...
Microsoft

Navigating digital sovereignty at the frontier of transformation

Learn why we're committed to expanding our sovereign cloud continuum and strengthening cloud capabilities to navigate digital ...
Microsoft

How Microsoft Defender protects high-value assets in real-world attack scenarios

High-value assets including domain controllers, web servers, and identity infrastructure are frequent targets in ...