InfoWorld

Microsoft MCP server gives AI assistants access to MSBuild logs

The Microsoft Binlog MCP Server enables AI-powered build failure diagnosis, property tracing, performance analysis, and build ...
Redmond Magazine

Microsoft Disrupts StegoAd Extension Campaign Affecting Up to 2.6 Million Users

Microsoft disrupted StegoAd, a malicious browser extension campaign affecting up to 2.6 million users. StegoAd used hidden payloads, delayed execution and steganography to evade browser security ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based code analysis systems into overlooking malicious payloads. Threat actors ...
Redmond Magazine

Microsoft Open Sources AI Safety Tools for Agent Development

Microsoft open-sources RAMPART and Clarity to improve AI agent safety engineering. RAMPART turns red-team findings into repeatable AI safety tests for CI pipelines. Clarity helps developers validate ...
Computerworld

For May, Patch Tuesday means 139 updates — but no zero-days

Microsoft delivered fixes for issues affecting everything from Windows to Office, .NET, and SQL Server, and several patches that should be deployed ASAP. Microsoft this week released 139 updates ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

AI agents have fundamentally changed the threat model of AI model-based applications. By equipping these models with plugins (also called tools), your agents no longer just generate text; they now ...
CSOonline

April Patch Tuesday roundup: Zero day vulnerabilities and critical bugs

This month’s threat landscape is ‘defined by immediate, real-world exploitation rather than just theoretical vulnerabilities,’ says an incident response manager. A critical hole in Windows Internet ...
GitHub

SQL Injection Cheat Sheet by Netsparker.html

<li><a href="http://www.ngssoftware.com/papers/advanced_sql_injection.pdf">Advanced SQL Injection In SQL Applications</a>,&nbsp;<em>Chris Anley</em></li> <li><a href ...
Seeking Alpha

Cybersecurity stocks fall after Anthropic unveils Claude Code Security

Anthropic (ANTHRO) unveiled a new feature called Claude Code Security built into Claude Code on the web. Cybersecurity stocks were in the red on Friday. CrowdStrike (CRWD) and Cloudflare (NET) each ...
theregister

Google: China's APT31 used Gemini to plan cyberattacks against US orgs

A Chinese government hacking group that has been sanctioned for targeting America's critical infrastructure used Google's AI chatbot, Gemini, to auto-analyze vulnerabilities and plan cyberattacks ...
The Hacker News

ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security

January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm HH Capital, bringing ZAST.AI's total ...
Dark Reading

Microsoft & Anthropic MCP Servers at Risk of RCE, Cloud Takeovers

The most popular trusted model context protocol (MCP) servers on the Web today contain severe cybersecurity vulnerabilities. The Internet of AI forming all around us is growing larger and more ...