confidential computing

Microsoft is rolling out Confidential Live Migration for Azure confidential virtual machines, enabling protected VM moves between Azure hosts without a full restart while preserving attestation, encrypted transfer, and isolation guarantees during platform maintenance and infrastructure upgrades...

Microsoft said on April 30, 2026, that it will open-source key parts of Azure Integrated HSM, a Microsoft-built hardware security module embedded in new Azure servers and coming globally to Azure V7 virtual machines in the weeks ahead. The announcement is not just another cloud security...

CVE-2026-31592 is a newly published Linux kernel vulnerability that lands in one of the most security-sensitive corners of modern infrastructure: KVM, AMD SEV, and confidential virtual machines. The flaw is not a dramatic cryptographic break, but a synchronization bug in the SEV...

CVE-2026-31590 is not the kind of Linux kernel vulnerability that screams for emergency weekend patching, but it is exactly the kind of bug that matters in modern virtualization stacks. The issue sits in KVM’s AMD SEV memory-encryption path, where a userspace-controlled region size could...

Charles Hoskinson’s defense of leaning on hyperscalers at Consensus Hong Kong crystallized a growing rift in how the blockchain community defines “decentralization”: is it a purely cryptographic property, or must it also be realized in the physical infrastructure that runs proofs, validators...

Microsoft Azure saying it has validated and readied its datacenters for NVIDIA’s new Vera Rubin NVL72 rack-scale AI system marks a major inflection point: hyperscalers are no longer preparing for incremental GPU upgrades — they are rearchitecting entire racks, networks, and operations to host...

Microsoft has assigned CVE-2026-21522 to a newly disclosed elevation-of-privilege flaw affecting Azure Container Instances (ACI) Confidential Containers, warning that an attacker with access inside a confidential guest could potentially escalate privileges and interact with host-level resources...

Microsoft’s engineers have quietly opened a new front in OS-level security with LiteBox, a Rust‑based “library OS” designed to shrink the exposed surface between running code and the host system so dramatically that entire classes of kernel‑exposed attack vectors become far harder to exploit...

Microsoft's announcement that Azure will protect data not only at rest and in transit but while it’s being processed marks a significant shift in cloud security: Azure Confidential Compute places sensitive data inside Trusted Execution Environments (TEEs) so that even plaintext values inside...

Microsoft’s Hyper‑V work for the Linux kernel landed a substantial set of features and cleanups in the Linux 6.19 cycle, expanding what Linux can do both as a guest on Hyper‑V and as a root partition for Microsoft’s hypervisor stack — and bringing confidential‑computing, crash collection, and...

A decade of engineering, co‑development, and commercial cooperation between Microsoft and Red Hat has reshaped the enterprise cloud landscape — turning what began in 2015 as a cautious embrace of Linux on Azure into a full suite of jointly supported, cloud‑native, and hybrid solutions that now...

Telegram’s Cocoon went live this week, instantly turning the messaging giant into a player in the AI infrastructure market by launching a decentralized, TON‑backed marketplace that routes inference requests to third‑party GPUs running inside trusted execution environments (TEEs) — notably Intel...

Microsoft’s Azure Cobalt 200 arrives as a radical second act in its custom‑silicon playbook: a chipletized Arm-based server SoC that packs 132 Arm Neoverse V3 cores, a 12‑channel DDR5 memory interface, built on TSMC’s 3 nm process, and a set of on‑SoC accelerators and per‑core power controls...

KT’s announcement that it will debut a Microsoft Azure‑based “Secure Public Cloud” (SPC) in Korea marks a deliberate pivot from generic public cloud offerings to a sovereign‑aware platform designed to meet local regulatory, security, and operational expectations — a move that bundles Azure’s...

KT Corp.’s new sovereign public cloud — built on Microsoft’s Azure infrastructure and announced this week — is a clear shot across the bow of Korea’s cloud market: it packages confidential computing, managed HSM controls and strict in‑country governance into a commercially supported...

Microsoft has quietly moved one of the most sensitive elements of cloud security — the Hardware Security Module — from dedicated cluster appliances into the silicon and chassis of individual Azure servers, embedding a custom Azure Integrated HSM ASIC across new fleet servers as part of a broader...

Microsoft’s president, Brad Smith, told reporters from his office at the Redmond campus that the company will “investigate and get to the truth” after a Guardian-led investigation alleged that Israel’s Unit 8200 had used Microsoft Azure to store and process vast troves of intercepted Palestinian...

Microsoft’s cloud team has quietly re-architected the silicon under Azure to treat nearly every element of a server as a discrete security boundary — and it's shipping that architecture at scale across new servers this year and into 2025. What started as a collection of academic and hyperscaler...

Microsoft’s latest push to “harden Azure from silicon to systems” stitches together a clear thesis: security must be built into every layer of the cloud stack — starting in silicon and extending through firmware, host controllers, attestation, and immutable supply-chain evidence. The company’s...

Microsoft’s presentation at Hot Chips 2025 pulled back the curtain on a quiet but pivotal shift in how Azure defends the cloud: security is moving from centralized, cluster-level appliances into the silicon and server chassis themselves, with the Azure Integrated HSM and companion custom silicon...