InfoQ

Microsoft Brings AI-Powered Vulnerability Remediation to Azure DevOps with Copilot Autofix

Microsoft has announced the limited public preview of Copilot Autofix for GitHub Advanced Security for Azure DevOps, ...
Computing

Google: State-backed hackers using Gemini AI at every stage of attacks

State-sponsored hacking groups from China, Iran, North Korea and Russia are using Google's Gemini AI system to assist with nearly every stage of cyber operations, from reconnaissance to post-breach ...
InfoWorld

Microsoft MCP server gives AI assistants access to MSBuild logs

The Microsoft Binlog MCP Server enables AI-powered build failure diagnosis, property tracing, performance analysis, and build ...
Redmond Magazine

Microsoft Disrupts StegoAd Extension Campaign Affecting Up to 2.6 Million Users

Microsoft disrupted StegoAd, a malicious browser extension campaign affecting up to 2.6 million users. StegoAd used hidden payloads, delayed execution and steganography to evade browser security ...

Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers

In 2025 and 2026, several independent sources have highlighted the same trend: Prompt injection remains one of the most ...
Redmondmag.com

Microsoft Disrupts StealC, Amadey Malware Infrastructure in AI-Assisted Cybercrime Action

Microsoft on Wednesday said it has disrupted infrastructure tied to StealC and Amadey, two widely used cybercrime tools that the company says have become part of a broader malware supply chain used to ...
Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
CSO Online

Malicious Chromium extension spoofs Perplexity AI to hijack browser searches

Researchers say attackers are extending AI-themed social engineering from phishing campaigns to browser extensions.
Dark Reading

Amazon Q VS Extension Flaw Leads to Cloud Credential Theft

Adversaries could plant a malicious repository that executes arbitrary code and steals cloud credentials, showcasing MCP risk ...

SimpleHelp Flaw Exploited to Deploy Malware Targeting Windows, macOS, and Linux

A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...
cryptopolitan

Microsoft, Google patch flaws as Cordyceps spread across open-source repositories

Security researchers at Novee found over 300 exploitable CI/CD workflow chains across repositories belonging to Microsoft, Google, Apache, Cloudflare, and the Python Software Foundation. The flaws ...