enterprise security

Microsoft released security updates on March 10, 2026 that address a high-risk remote code execution vulnerability in on-premises SharePoint Server tracked as CVE-2026-26106 — a flaw Microsoft describes as improper input validation that could allow an authenticated attacker to execute code...

Microsoft has begun enforcing a strict new integrity check inside the Microsoft Authenticator mobile app that will prevent work and school Entra credentials from being used on devices the app detects as jailbroken (iOS) or rooted (Android). The change is automatic, phased, and uncompromising...

CISA’s decision to add three high-risk flaws to the Known Exploited Vulnerabilities (KEV) Catalog is a stark reminder that attackers are continuing to weaponize long-established weakness classes — SSRF, insecure deserialization, and authentication bypass — and that organizations which delay...

Microsoft has taken a major step toward making “Frontier Transformation” — the company’s phrase for large‑scale, agentic AI adoption across enterprises — feel operationally realistic for CIOs and CISOs by announcing Agent 365 as a unified control plane for AI agents and a new Microsoft 365 E7...

OpenAI’s engineers have quietly built an internal code-hosting platform and — according to multiple reports — the company is now weighing whether to productize that tool as a commercial alternative to the Microsoft‑owned GitHub, a move that would set up one of the most surprising competitive...

Three years after the ChatGPT shockwave, AI agents have moved from novelty to infrastructure — and with that transition comes a set of practical security, governance, and operational obligations every Windows‑era IT team must face now, not later. Background The technology landscape that began...

Microsoft's Copilot App for Windows is now offering an optional password and form-data sync inside its built-in browser for Windows Insiders — a convenience feature that folds autofill into the Copilot sidepane but also changes the threat model for anyone who stores credentials on their PC...

Microsoft’s Copilot has moved from an experimental sidebar to a baked‑in productivity partner — but the reality of using it day‑to‑day is more complicated than the glossy demos suggest. The promise is simple: draft faster, analyze smarter, and get routine work off your plate. In practice...

Microsoft’s Copilot appears to be getting a refreshed screenshot tool — one designed to let the assistant “see” and act on on‑screen content more smoothly — but the launch comes with familiar privacy fault lines that Microsoft has yet to fully close...

Microsoft Defender’s recent investigation shows a deceptive new vector for corporate data leakage: malicious Chromium‑based browser extensions that impersonate trusted AI assistant tools and quietly siphon LLM chat histories and browsing telemetry from users — at scale and with real-world...

Microsoft’s Windows roadmap is the subject of another viral wave of reporting—this time claiming a full-numbered successor, widely referred to as “Windows 12” (internal leak name: Hudson Valley Next), will arrive with a ground-up modular architecture, deep, system-level Copilot integration, and...

Teramind’s new product announcement marks a deliberate attempt to stitch enterprise-grade governance around the very behaviors that make modern AI useful — prompts, responses, and autonomous actions — and to do so across the entire spectrum of tools employees now use, from sanctioned copilots to...

AI-powered browsers are no longer a gimmick — they are practical productivity tools that can read, summarize, compare, and even act on your behalf, and the right setup can save hours every week while changing how you research, write, and automate routine web tasks. Background The web browser has...

Teramind’s new AI Governance product lands at a moment when enterprises are moving from curiosity to deployment—and the company stakes a bold claim: for the first time, organizations can apply enterprise-grade behavioral oversight, continuous audit trails, and automatic enforcement to every AI...

CISA has added two actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog — a Qualcomm graphics integer‑overflow affecting many Android devices (CVE‑2026‑21385) and a command‑injection flaw in VMware Aria Operations tracked as CVE‑2026‑22719 — forcing federal...

Microsoft’s latest update to its enterprise security stack introduces a reworked, guided onboarding experience for Defender deployments—an attempt to move the historically fiddly, error‑prone first-mile of endpoint and security operations into a predictable, auditable, and largely automated...

Microsoft has confirmed that a configuration error in Microsoft 365 Copilot Chat allowed the assistant to read and summarise emails stored in users’ Drafts and Sent Items — including messages labelled confidential — for several weeks, exposing a blind spot in enterprise controls and reigniting...

Microsoft’s latest Insider drops this week keep the momentum on Windows 11’s incremental polish and enterprise hardening — Canary and Dev channels received distinct but complementary tweaks that mix small, practical quality‑of‑life updates with features aimed squarely at administrators and power...

Microsoft's new Copilot Tasks flips the script on conversational assistants: instead of waiting for you to ask how to do something, it quietly does the work for you in the cloud and hands you the results. Background Microsoft revealed Copilot Tasks in a research preview at the end of February...

Microsoft’s internal UI leak suggests Copilot is moving from chat panes into a full visual workspace: a canvas-style, AI-first whiteboard that blends image generation, streaming AI responses, and agent-like automation — a heavy hint that Microsoft is experimenting with a new product internally...