Self-hosted agents execute code with durable credentials and process untrusted input. This creates dual supply chain risk, ...

Threat actors are targeting technology, manufacturing, and financial organizations in campaigns that combine device code phishing and voice phishing (vishing) to abuse the OAuth 2.0 Device ...

Microsoft is gearing up for big PowerShell and Windows OpenSSH changes in 2026, but security will come before flashy new features.

What is PowerShell? Microsoft PowerShell is a powerful administrative tool that can help you automate tasks for your computer ...

As the SharePoint Embedded connector was released last night, I thought it would be useful to start a series of posts about ...

Microsoft is tightening security around its Entra ID sign-in process by blocking external script injection, a move that could force some orgs to rethink their browser extension strategies. The update, ...

As AI agents proliferate, IT departments need visibility. Microsoft is giving agents the same deference as humans. Microsoft Entra now helps govern every agent's activities. The array of AI-related ...

As businesses around the world have shifted their digital infrastructure over the last decade from self-hosted servers to the cloud, they’ve benefitted from the standardized, built-in security ...

Microsoft has extended Entra’s powerful access control capabilities to on-premises applications — but you’ll need to rid your network of NTLM to take advantage of adding cloud features to your Active ...

Microsoft will remove PowerShell 2.0 from Windows starting in August, eight years after announcing its deprecation and keeping it around as an optional feature. The 14-year-old command processor ...