A single npm user on Thursday published 14 malicious packages within a four-hour window, all mimicking popular OpenSearch, Elasticsearch, DevOps, and environment-configuration libraries, according to ...

Microsoft's May 2026 VS Code update makes BYOK usable in restricted environments while adding agent, browser and issue-reporting updates.

AI search has outgrown simple RAG. Learn how today’s hidden AI retrieval systems decide whether your content gets surfaced or ...

GitHub’s internal repositories — now staged publishing in npm 11.15.0 requires a human 2FA approval before any package goes ...

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Scammers are exploiting a real Microsoft email address to send phishing links. Here's how to spot it and how to stay safe.

A new phishing tool is allowing cyber attackers to get access to Microsoft 365 users' accounts without even needing to know ...

New FBI warning for Microsoft users. The FBI issued a warning on May 21, as a new AI-powered attack enables "threat actors to ...

Explore what's new in Copilot Studio, May 2026: computer-using agents are now available, plus redesigned workflows and Work IQ extensibility.

Microsoft is applying lessons from Rust to C# in a planned redesign of the unsafe code model, continuing a years-long company focus on reducing memory-safety risks historically associated with C and C ...

Most AI search guidance stops at citations. This architecture framework extends to autonomous agents completing transactions ...

The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate ...