As LLMs and diffusion models power more applications, their safety alignment becomes critical. Our research shows that even minimal downstream fine‑tuning can weaken safeguards, raising a key question ...

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

Most security incidents happen in the gap between knowing what matters and actually implementing security controls ...

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain compromise; here is how to patch, hunt, and mitigate now.

Discover Microsoft’s holistic SDL for AI combining policy, research, and enablement to help leaders secure AI systems against ...

This case study examines how vulnerabilities in AI frameworks and orchestration layers can introduce supply chain risk. Using ...

Learn how Microsoft research uncovers backdoor risks in language models and introduces a practical scanner to detect tampering and strengthen AI security.

Congratulations to the winners of the 2026 Microsoft Security Excellence Awards that recognize the innovative defenders who ...

Security teams often spend days manually turning long incident reports and threat writeups into actionable detections by ...

The 2026 Microsoft Data Security Index explores one of the most pressing questions facing organizations today: How can we ...

Discover how aligning AI transformation with sustainability can boost efficiency, resilience, and long‑term competitiveness ...