Microsoft will use Black Hat USA 2026 to focus on attacks that abuse trusted software, developer workflows, identities and AI systems, with a main-stage session promising new detail on ongoing npm supply-chain campaigns.
The company’s Security blog says its Black Hat program will run from August 4 through August 6 at Mandalay Bay in Las Vegas, centered on the idea that attackers increasingly compromise the systems and tools organizations already trust rather than simply seeking exposed vulnerabilities. Black Hat’s published schedule confirms the event’s main conference runs August 5–6, with David Weston delivering a keynote on Wednesday, August 5.

A speaker presents a cybersecurity network diagram onstage to a packed, laptop-equipped audience.npm, AI agents and trusted paths​

Weston, Microsoft’s CVP of Agentic Security, is scheduled to give the 9:15 a.m. PT keynote, The End of Rare: Defending When Offense Is Cheap. According to Black Hat’s announcement, the session will examine how AI-assisted vulnerability discovery and exploit development are pushing defenders toward proactive controls such as memory-safe languages, formal verification and automated remediation.
Later that day, Aarti Borkar, CVP of Microsoft Security, and Tanmay Ganacharya, vice president of Microsoft Security Research and Threat Intelligence, will present Poisoned at the Source: Inside the Hunt for Supply Chain Attacks. Microsoft says the 2:30 p.m. PT session will cover its investigations into npm attacks affecting software ecosystems, developer workflows and trusted services.
That is the portion most likely to matter to Windows administrators and developers. Compromised packages can enter Windows build environments through CI/CD systems, developer endpoints and cloud-hosted source repositories without requiring a direct attack on the target organization. Microsoft’s framing also extends the risk to AI agents: an agent granted excessive access to source code, cloud resources or business data can become another path for an attacker who gains control of a trusted workflow.

Research and product messaging​

Microsoft researchers will also deliver Black Hat Briefings on GitHub event-stream detection, a Bixby trust-model exploit, and Azure Automation flaws that could enable cross-tenant identity takeover. The Azure session, scheduled for 4:30 p.m. PT on August 5, should be of particular interest to organizations using automation accounts and cross-tenant identity configurations.
On the product side, Microsoft will demonstrate Microsoft Defender Experts Threat Intelligence, described as an expert-led, continuously curated intelligence service tailored to individual organizations. The company also says Defender Experts MDR now includes third-party and multicloud coverage, a recognition that incident response teams rarely operate solely within Microsoft-managed environments.
Microsoft Security will be in the Business Hall at booth 2144, while its Black Hat Skilling Challenge begins July 20 and covers Microsoft Defender, Sentinel and Security Copilot. Black Hat attendees can expect the substantive supply-chain discussion on August 5, while remote teams should use the event material to review package controls, build-pipeline permissions and AI-agent access before the conference.

References​

  1. Primary source: Microsoft
    Published: 2026-07-17T16:00:00+00:00
  2. Related coverage: i.blackhat.com