Microsoft Security Blog (original) (raw)

Your source for the latest in cybersecurity

AI and machine learning

• Reconstructing AI activity in investigations

Learn how to investigate AI activity in Microsoft 365 Copilot and Azure AI services using a structured, telemetry-driven approach.

• Securing CI/CD in an agentic world: Claude Code Github action case

Microsoft Threat Intelligence identified a prompt injection pathway in Claude Code GitHub Action that allowed access to workflow secrets under specific conditions.

Latest posts

• Microsoft Defender email security benchmarking: Key insights from one year of data

See how Microsoft Defender performed in one year of real-world email security benchmarking against SEG and ICES vendors.

• Turn specs into evals for any agent with ASSERT

Adaptive Spec-driven Scoring for Evaluation and Regression Testing (ASSERT) is an open-source framework for converting natural language behavior requirements into executable evaluations of AI models and agents.

• Reconstructing AI activity in investigations

Learn how to investigate AI activity in Microsoft 365 Copilot and Azure AI services using a structured, telemetry-driven approach.

• AI brands as bait: How threat actors are using the AI hype in social engineering

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure.

• Securing CI/CD in an agentic world: Claude Code Github action case

Microsoft Threat Intelligence identified a prompt injection pathway in Claude Code GitHub Action that allowed access to workflow secrets under specific conditions.