惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

小众软件
小众软件
IT之家
IT之家
博客园 - 聂微东
www.infosecurity-magazine.com
www.infosecurity-magazine.com
P
Privacy International News Feed
人人都是产品经理
人人都是产品经理
PCI Perspectives
PCI Perspectives
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 叶小钗
V
Vulnerabilities – Threatpost
美团技术团队
S
Secure Thoughts
N
News | PayPal Newsroom
L
LINUX DO - 最新话题
腾讯CDC
Application and Cybersecurity Blog
Application and Cybersecurity Blog
雷峰网
雷峰网
B
Blog
MyScale Blog
MyScale Blog
T
The Blog of Author Tim Ferriss
TaoSecurity Blog
TaoSecurity Blog
N
News and Events Feed by Topic
Blog — PlanetScale
Blog — PlanetScale
C
Check Point Blog
T
Tailwind CSS Blog
月光博客
月光博客
Simon Willison's Weblog
Simon Willison's Weblog
Hacker News: Ask HN
Hacker News: Ask HN
The Last Watchdog
The Last Watchdog
Google DeepMind News
Google DeepMind News
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
MongoDB | Blog
MongoDB | Blog
S
Security @ Cisco Blogs
Jina AI
Jina AI
Engineering at Meta
Engineering at Meta
S
Security Affairs
Forbes - Security
Forbes - Security
P
Palo Alto Networks Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
博客园 - 司徒正美
博客园 - 三生石上(FineUI控件)
T
Tor Project blog
O
OpenAI News
L
Lohrmann on Cybersecurity
Security Archives - TechRepublic
Security Archives - TechRepublic
P
Proofpoint News Feed
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
L
LangChain Blog
B
Blog RSS Feed
H
Hackread – Cybersecurity News, Data Breaches, AI and More

Microsoft Security Blog

ACR Stealer: Two observed intrusion chains amid increased threat activity | Microsoft Security Blog Least privilege for AI agents: Identity, access, and tool binding | Microsoft Security Blog Unpacking the AsyncAPI npm supply chain compromise and import-time payload delivery | Microsoft Security Blog Turning threat intelligence into decisive action with Defender Experts | Microsoft Security Blog Defending SaaS-based applications against ShinyHunters OAuth abuse | Microsoft Security Blog Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID | Microsoft Security Blog Securing our future: July 2026 progress report on Microsoft's Secure Future Initiative | Microsoft Security Blog GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware | Microsoft Security Blog Protecting Microsoft at AI speed: How SFI proactively hardens our cloud   | Microsoft Security Blog 5 insights from Frost & Sullivan’s 2025 Frost Radar™ for Cloud Security Posture Management | Microsoft Security Blog Improving security posture across the Microsoft partner ecosystem | Microsoft Security Blog Microsoft named a leader in the Frost Radar for cloud and application runtime security | Microsoft Security Blog Accelerating the quantum-safe timeline | Microsoft Security Blog ​​What’s new in Microsoft Security: June 2026 | Microsoft Security Blog Securing AI agents: When AI tools move from reading to acting | Microsoft Security Blog Chromium extension uses AI‑related branding to redirect browser search | Microsoft Security Blog Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access | Microsoft Security Blog Microsoft a Leader in The Forrester Wave™ for Endpoint Management Platforms | Microsoft Security Blog CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms | Microsoft Security Blog StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them | Microsoft Security Blog Guarding AI memory | Microsoft Security Blog One intrusion, two cyberattackers: Uncovering parallel threat activity | Microsoft Security Blog AutoJack: How a single page can RCE the host running your AI agent  | Microsoft Security Blog New Forrester study shows customers who unified with Microsoft Security benefited from 124% ROI | Microsoft Security Blog From package to postinstall payload: Inside the Mastra npm supply chain compromise | Microsoft Security Blog Crypto Clipper uses Tor and worm-like propagation for persistence and control | Microsoft Security Blog Beyond the benchmark: Advancing security at AI speed  | Microsoft Security Blog ​​Forrester names Microsoft a Leader in the 2026 Extended Detection and Response Platforms Wave™ report | Microsoft Security Blog AI is accelerating cyberattacks—here’s how to stay ahead Microsoft Defender email security benchmarking: Key insights from one year of data | Microsoft Security Blog Reconstructing AI activity in investigations AI brands as bait: How threat actors are using the AI hype in social engineering Securing CI/CD in an agentic world: Claude Code Github action case Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign Turn specs into evals for any agent with ASSERT Microsoft Build 2026: Securing code, agents, and models across the development lifecycle Malicious npm packages abuse dependency confusion to profile developer environments Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection Typosquatted npm packages used to steal cloud and CI/CD secrets The Gentlemen ransomware: Dissecting a self-propagating Go encryptor From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities Microsoft recognized as a Leader in The Forrester Wave™ for Workforce Identity Security Platforms From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence Microsoft Security success stories: How St. Luke’s and ManpowerGroup are securing AI foundations What’s new in Microsoft Security: May 2026 Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft Securing the gaming culture of cultures Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow Exposing Fox Tempest: A malware-signing service operation How Storm-2949 turned a compromised identity into a cloud-wide breach How to better protect your growing business in an AI-powered world Defense in depth for autonomous AI agents When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps Accelerating detection engineering using AI-assisted synthetic attack logs generation Defending consumer web properties against modern DDoS attacks Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise Active attack: Dirty Frag Linux vulnerability expands post-compromise risk When prompts become shells: RCE vulnerabilities in AI agent frameworks World Passkey Day: Advancing passwordless authentication ​​Microsoft named an overall leader in KuppingerCole Analyst’s 2026 Emerging AI Security Operations Center (SOC) report ​​ ClickFix campaign uses fake macOS utilities lures to deliver infostealers Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments Microsoft Agent 365, now generally available, expands capabilities and integrations What’s new, updated, or recently released in Microsoft Security Email threat landscape: Q1 2026 trends and insights 8 best practices for CISOs conducting risk reviews Simplifying AWS defense with Microsoft Sentinel UEBA AI-powered defense for an AI-accelerated threat landscape Detection strategies across cloud and identities against infiltrating IT workers Making opportunistic cyberattacks harder by design Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook Containing a domain compromise: How predictive shielding shut down lateral movement Building your cryptographic inventory: A customer strategy for cryptographic posture management Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise Incident response for AI: Same fire, different fuel The agentic SOC—Rethinking SecOps for the next decade Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk Inside an AI‑enabled device code phishing campaign Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations Threat actor abuse of AI accelerates from tool to cyberattack surface Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments Mitigating the Axios npm supply chain compromise Critical Infrastructure at Risk | Security Insider
Microsoft at Black Hat USA 2026: Defending trust in the age of AI and supply chain attacks | Microsoft Security Blog
Elliot Volkman · 2026-07-18 · via Microsoft Security Blog

Across the threat landscape, in this moment, one pattern sits at the center of the story: threat actors are following trust.

They are not only looking for vulnerable systems, but rather targeting the software, services, identities, tools, developer workflows, and AI systems that organizations already depend on.

A package can become a distribution path. A build pipeline can become an access path. A trusted tool can become or expand an attack surface. An AI agent with the wrong access can become a new way to reach code, data, or infrastructure.

While the surfaces may change, the goal for the majority of threat actors remains the same: find what is trusted, abuse it, and scale the impact.

At Black Hat USA 2026, Microsoft Security will walk through how we are seeing this shift unfold, how security teams can look for it earlier, and how threat intelligence, expert-led response, and security operations need to work together when campaigns move across software, identity, cloud, data, and AI systems.

On Wednesday, August 5, 2026, the day begins with David Weston’s keynote, The End of Rare: Defending When Offense Is Cheap, which looks at what defense requires when offensive capability becomes easier to access, automate, and scale. Later that afternoon, Aarti Borkar and Tanmay Ganacharya will resume the main stage for Poisoned at the Source: Inside the Hunt for Supply Chain Attacks, which offers a closer look at how Microsoft Threat Intelligence is hunting attacks across software ecosystems, developer workflows, and trusted services. This includes details into the ongoing attacks on npm (Node package manager). 

Together, these sessions frame the challenge security teams are facing now: when offensive capability becomes easier to scale, security teams need to understand the trust paths threat actors can abuse before those paths become open doors for attacks. 

At our booth, we’ll also showcase Microsoft Defender Experts Threat Intelligence, a new expert-led service delivering continuous, curated intelligence tailored to your organization, and Microsoft Defender Experts MDR, now extended with third-party and multicloud coverage.

From August 4 to 6, 2026, at Mandalay Bay in Las Vegas, you’ll find Microsoft Security on the Business Hall floor at booth #2144, and on Wednesday evening, join us at the Microsoft Security reception at Swingers at Mandalay Bay.

Weston on the future of defense 

At 9:15 AM PT on Wednesday, August 5, 2026, David Weston, CVP of Agentic Security, will examine what changes for security teams when offensive capability becomes easier to access, automate, and scale. 

The keynote sets up one of the central questions security leaders are facing now: how does the security operations center (SOC) and analysts adapt when threat actors can move faster, test more often, and reuse trusted paths across software, identity, cloud, and AI systems? Join the keynote Wednesday, August 5, 2026, then continue the conversation with Microsoft Security at booth #2144. 

Our latest intelligence (and response) on npm supply chain attacks

That same intelligence-to-action challenge is at the center of our main stage session at Black Hat. 

On Wednesday, August 5, 2026, from 2:30 PM PT to 3:00 PM PT, Aarti Borkar, Corporate Vice President (CVP), Microsoft Security, and Tanmay Ganacharya, Vice President of Microsoft Security Research and Threat Intelligence, will share intelligence and insights into the ongoing supply chain campaigns impacting all areas of the threat landscape. The talk, Poisoned at the Source: Inside the Hunt for Supply Chain Attacks, will walk through Microsoft Threat Intelligence’s investigations into the ongoing npm supply chain attacks targeting software ecosystems, developer workflows, trusted services, and how organizations are handling the challenges associated with npm packages.

Follow the research in the Black Hat Briefings

Microsoft Security researchers will also present peer-reviewed technical research in the Black Hat Briefings. These sessions go deep into cloud, mobile, and software supply chain defense.

GitHub Can Tell You’re Being Hacked. You’re Just Not Listening: Building EDR for GitHub from Its Own Event Stream

  • Presented by Yossi Weizman, Principal Security Research Manager
  • Wednesday, August 5, 2026, from 10:15 AM PT to 10:45 AM PT

One Click to System: Exploiting Bixby’s Trust Model for Full Device Compromise

  • Presented by Dimitrios Valsamaras, Senior Security Researcher
  • Wednesday, August 5, 2026, from 12:00 PM PT to 12:40 PM PT

Handle With Care: Chaining Azure Automation Flaws for Cross-Tenant Identity Takeover

  • Presented by Shay Shavit, Senior Security Researcher
  • Wednesday, August 5, 2026, from 4:30 PM PT to 5:10 PM PT

Check the official Black Hat schedule for final room assignments and any timing updates.

Go deeper in Microsoft sessions

Microsoft experts will also lead sessions that give you a closer look behind the scenes, including:

Mind the Gap: Turning Threat Intelligence into Decisive Action with Expert-Led Defense

  • Presented by Wes Malaby, General Manager of Customer Success
  • Wednesday, August 5, 2026, from 5:00 PM PT to 5:20 PM PT

Cyber Defense Showdown

  • Presented by Fanta Kaba and special guest Jimmie Galaites
  • Wednesday, August 5, 2026, from 5:00 PM PT to 5:20 PM PT

Agentic Security: What’s Next

  • Presented by Naadia Sayed, Principal Product Manager
  • Thursday, August 6, 2026, from 11:15 AM PT to 12:00 PM PT

These sessions extend the main stage story into practitioner decisions: how teams move from intelligence to action, how defenders test their judgment under pressure, and how AI and agents are changing security workflows.

Visit booth #2144 for research, community, and hands-on defense

This year we are transforming the Microsoft Security booth into a community center. Click here to jump to the full schedule.

If the keynote and main stage sessions frame the largest challenges across the threat landscape, booth #2144 is where you can directly explore the workflows behind it: threat intelligence, incident response, AI security, security operations, partner solutions, and hands-on practice.  

You will find:

Connection circles, ask-me-anythings (AMAs), meetups led by industry influencers, and lightning talks

Short-form conversations with practitioners and experts on threat intelligence, incident response, AI security, identity, data protection, and security operations. If you swing by when the expo area opens, we’ll also fuel you up so you can skip the food court.

Partner presence

At Black Hat 2026, the Microsoft booth will feature 13 partners from the Microsoft Intelligent Security Association (MISA) who will showcase solutions built with Microsoft Security technology. Security Insider Conversations will feature MISA partners Critical Start (August 5, 2026, at 3:30 PM PT) and Huntress (August 6, 2026, at 2:00 PM PT) alongside Microsoft Security experts. Additionally, thank you to our Microsoft Security VIP Mixer sponsors: Ascent Solutions, Avertium, Devicie, Huntress, Illumio, Maureen Data Systems, and Security Risk Advisors. 

A decorative image announcing the demo schedule at the Microsoft booth at Black Hat USA 2026.

Demo our latest innovations

Explore connected experiences across defending with AI, securing AI, strengthening posture for AI adoption, using security intelligence in investigations and response, working with trusted partners, and connecting with Microsoft Defender experts.

Exclusive swag (featuring a surprise guest)

Spend some time with us at the experience we built around the booth and you’ll earn tokens that can be exchanged for custom patches and hats (because security experts have to wear many hats). Your favorite paperclip may be among the patches. Maybe.

Decompress with mini golf

The biggest Microsoft Security community moment of the week is our reception at Swingers at Mandalay Bay, hosted by Aarti Borkar.

Join us Wednesday, August 5, 2026, from 6:00 PM PT to 9:00 PM PT for food, drinks, mini golf, partner activations, and time with the Microsoft Security team away from the show floor.

Come compare notes with peers, meet Microsoft researchers and responders, and connect with the broader Microsoft Security community.

Space is limited, so reserve your spot early.

Plan your week with Microsoft Security

You can find Microsoft Security at booth #2144 during Business Hall hours:

  • Tuesday, August 4, 2026: 4:00 PM PT to 7:00 PM PT
  • Wednesday, August 5, 2026: 9:00 AM PT to 6:00 PM PT
  • Thursday, August 6, 2026: 9:00 AM PT to 4:00 PM PT

Stop by early to see the booth schedule, find upcoming AMAs and connection circles, and plan which live sessions and hands-on experiences you want to attend.

Skill up before and after Black Hat

You do not need to be in Las Vegas to take part in the broader Microsoft Security Black Hat experience.

The Microsoft Black Hat Skilling Challenge begins July 20, 2026, and will help defenders build hands-on skills across Microsoft Defender, Microsoft Sentinel, and Microsoft Security Copilot. Attendees can use the challenge to prepare before the event, then bring questions to on-site experts and community sessions. Remote participants can follow along through Microsoft Tech Community, AMAs, recaps, and post-event resources.

See you at hacker summer camp

Threat actors are adapting around the systems organizations already trust. Security teams need to understand those trust paths before they become attack paths.

At Black Hat USA 2026, Microsoft Security will bring the research, expert perspective, and hands-on experiences to help practitioners see where attacker behavior is moving and how defense can adapt.

Add Poisoned at the Source to your schedule. Visit us at booth #2144. Join the skilling challenge. And register for the Microsoft Security reception on Wednesday night.

Microsoft Security booth #2144 experiences and schedule

Tuesday, August 4, 2026

TimeTitle
5:00 PM PT to 6:00 PM PTHow Practitioners Build Effective Security Playbooks
6:00 PM PT to 7:00 PM PTAgentic Security: What’s Next

Wednesday, August 5, 2026

TimeTitle
9:00 AM PT to 9:30 AM PTSecurity Communities Meet Up
10:00 AM PT to 10:30 AM PTUsing Offensive Security Research to Advance AI Security
10:30 AM PT to 11:00 AM PTThe Confused Deputy Strikes Back: How AI Agents Turn Into RCE Proxies
12:00 PM PT to 12:30 PM PTHunting in the Gray: When Nation-States and Cybercrime Collide
12:30 PM PT to 1:00 PM PTAI in Security Operations: What Actually Works and What Doesn’t
1:00 PM PT to 2:00 PM PTAI in the SOC: Lessons Learned from the Front Lines
2:30 PM PT to 2:30 PM PTMicrosoft Defender Challenge
2:30 PM PT to 3:00 PM PTFrom Alert Fatigue to Action: How Practitioners Prioritize What Matters
3:00 PM PT to 3:30 PM PTAgents in the Flow of Work: From Signals to Action
3:30 PM PT to 4:00 PM PTWill It Hold Up in Court? Forensic Defensibility of Microsoft 365 Evidence
5:00 PM PT to 6:00 PM PTZero Trust for the Agentic Era: An Interactive Discussion for Securing AI

Thursday, August 6, 2026

TimeTitle
9:00 AM PT to 9:30 AM PTThe Future of Microsoft Security and How Communities Can Support You
10:00 AM PT to 10:15 AM PTQuantum Is Here: What Practitioners Must Do Now
11:00 AM PT to 12:00 PM PTThe Next Era of Cyber Defense: Clarity, Control, and Response at Scale
12:00 PM PT to 12:30 PM PTLessons from the Field: What to Do When You’re Under Attack
12:30 PM PT to 1:00 PM PTWhen Browsers Become Agents: The Emerging Security Risks of AI‑Powered Browsers
2:30 PM PT to 3:00 PM PTSocial Engineering Always Matters
3:00 PM PT to 3:30 PM PTAI Runs on Data: Securing the Foundation of AI Adoption

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.