Microsoft discovered that Anthropic's Claude Code GitHub Action could expose CI/CD workflow secrets when AI agents process untrusted content, including issue bodies, pull request descriptions, and comments. https://t.co/EFDooX4EjU
Following our disclosure, Anthropic mitigated this issue in Claude Code version 2.1.128 by blocking access to sensitive /proc files.
Read the blog for details from our research, along with practical guidance for reducing prompt injection, over-permissive tooling, and secret exposure risks in agentic CI/CD workflows.
Check out my latest article: Microsoft Defender Experts Suite: Expert-Led Services for a New Era of Cyber Defense https://t.co/7O24cJeehG via @LinkedIn
𝐎𝐟𝐟𝐢𝐜𝐞 𝐨𝐟 𝐭𝐡𝐞 𝐏𝐫𝐢𝐧𝐜𝐢𝐩𝐚𝐥 𝐒𝐜𝐢𝐞𝐧𝐭𝐢𝐟𝐢𝐜 𝐀𝐝𝐯𝐢𝐬𝐞𝐫 𝐭𝐨 𝐭𝐡𝐞 𝐆𝐨𝐯𝐞𝐫𝐧𝐦𝐞𝐧𝐭 𝐨𝐟 𝐈𝐧𝐝𝐢𝐚 𝐡𝐚𝐬 𝐫𝐞𝐥𝐞𝐚𝐬𝐞𝐝 𝐚 𝐖𝐡𝐢𝐭𝐞 𝐏𝐚𝐩𝐞𝐫 𝐨𝐧 𝐃𝐞𝐦𝐨𝐜𝐫𝐚𝐭𝐢𝐬𝐢𝐧𝐠 𝐀𝐜𝐜𝐞𝐬𝐬 𝐭𝐨 ��𝐈 𝐈𝐧𝐟𝐫𝐚𝐬𝐭𝐫𝐮𝐜𝐭𝐮𝐫𝐞.
With AI becoming central to innovation and economic progress, access to compute, datasets, and model ecosystems must be made broad, affordable, and inclusive. These resources are concentrated in a few global firms and urban centres, limiting equitable participation.
For India, democratising access means treating AI infrastructure as a shared national resource, empowering innovators across regions to build local-language tools, adapt assistive technologies, and create solutions aligned with India’s diverse needs.
The White Paper highlights key enablers aligned with India’s AI governance vision:
🔹 Expanding access to high-quality, representative datasets
🔹 Providing affordable and reliable computing resources
🔹 Integrating AI with Digital Public Infrastructure (DPI)
Read the White Paper here:
https://t.co/KZbBuNXAAW
Space is evolving beyond being a technological frontier; rather, it represents an integral part of our economic future, introducing new operational dimensions for global business and innovation.
Microblog by @antgrasso#SpaceEconomy#SpaceTech
Today we’ve unveiled our second Fairwater AI datacenter, located in Atlanta. Each site is connected via a dedicated AI network, creating an AI superfactory that enables real-time collaboration across states to train the next generation of AI models. https://t.co/dTBgfvHPSY
.@satyanadella gave me and @dylan522p an exclusive tour of Fairwater 2, the most powerful AI datacenter in the world.
We then chatted through Satya's vision for Microsoft in a world with AGI.
0:00:00 - Fairwater 2
0:04:15 - Business models for AGI
0:13:42 - Copilot
0:20:56 - Whose margins will expand most?
0:37:12 - MAI
0:48:42 - The hyperscale business
1:03:39 - In-house chip & OpenAI partnership
1:10:30 - The CAPEX explosion
1:16:01 - Will the world trust US companies to lead AI?
Look up Dwarkesh Podcast on Youtube, Apple Podcasts or Spotify to tune in.
👋 Folks, I'm super excited to announce the launch of the Microsoft Zero Trust Assessment!
I've been working on this project for the past year at Microsoft with an extended team including our security researchers, product feature teams and docs
Here's what it does
🧵👇
Check out my latest article: Building Digital Resilience in Financial Services: How DORA and Microsoft Are Shaping the Future https://t.co/4Ruq5gxVdM via @LinkedIn
The Microsoft Digital Defense Report 2025 shows how threats are evolving faster than ever, fueled by AI. https://t.co/rILMDbTHj5
Key insights from report include:
-More than 50% of cyberattacks with known motives had financial objectives such as extortion or ransom, while only 4% were motivated solely by espionage.
-For initial access, attacks targeted well-known exposure footprint, including web-facing assets (18%), external remote services (12%), and supply chains (3%).
-Meanwhile, identity-based attacks rose by 32%. More than 97% of identity attacks are password spray or brute force attacks.
-There has been an 87% increase in campaigns aimed at disrupting customer cloud environments through ransomware, mass deletion, or other destructive actions.
-Threat actors have begun using AI in malicious activities, including automated vulnerability discovery, phishing, malware or deepfake generation, data analysis, and crafting highly convincing fraudulent messages.
The report is rich with findings and observations like these on a wide range of topics, including cybercrime, identity attacks, ransomware, fraud, social engineering, cloud threats, and nation-state threat actors.
At @Microsoft, we’re taking action against these threats by disrupting cybercriminal ecosystems, sharing threat intelligence, and investing in proactive defenses to protect people, data, and critical systems.
AI is reshaping both threats and defenses. With responsible AI and cross-sector collaboration, organizations can reduce risk, safeguard identities, and build resilient systems. Read the Microsoft Digital Defense Report 2025 for more insights and defense guidance.
We've been hard at work advancing M365 Copilot, and so have our many partners who are building agents that integrate with Copilot and Teams to transform how work gets done.
A few great examples:
Check out my latest article: Safeguarding AI: Azure OpenAI Prompt Shields and Defending LLMs Against Adversarial Attacks https://t.co/iP9WHK6G3b via @LinkedIn
Published today in @ScienceMagazine: a landmark study led by Microsoft scientists with partners, showing how AI-powered protein design could be misused—and presenting first-of-its-kind red teaming & mitigations to strengthen biosecurity in the age of AI.
🚨 It started with one tiny alert. It ended with uncovering a massive retail cyberattack. See how the chase unfolded (and what you can learn from it) in our latest Cyberattack Series blog: https://t.co/5BTMrAv7ha
Microsoft Sentinel is evolving into both the SIEM and the platform for agentic defense:
Sentinel data lake, which brings together all your security data, from Microsoft and third-party sources, is now generally available. https://t.co/BovnnJpu95
An important breakthrough from our teams: a new approach to liquid cooling that uses microfluidics, opening the door to more efficient, sustainable, and power-dense datacenters than conventional methods.
https://t.co/hCbOpDPWWA