Live
Copilot Studio's maker auth model enables prompt injection attacks across enterprise tools and connectors.·MSFT +0.1%Microsoft's zero-trust stack gives every AI agent in Windows 365 a unique identity.·NVDA +3.0%Nation-state groups exploit weak M365 admin controls—eight-step blueprint to prevent full tenant takeover·GOOGL +1.2%Pax8 Partners Gain Recurring Revenue with inforcer Copilot Readiness Service·AMZN +2.9%Microsoft 365 Baseline Security Mode: One-Click Hardening with Legacy Exclusions·MSFT +0.1%Microsoft Teams Phishing Attack Bypasses MFA via Fake IT Chat·NVDA +3.0%Inforcer Debuts Microsoft 365 Threat Detection Platform for MSPs·GOOGL +1.2%Fire and Emergency NZ Blocks Document Downloads to Personal Devices from June 2026·AMZN +2.9%Copilot Studio's maker auth model enables prompt injection attacks across enterprise tools and connectors.·MSFT +0.1%Microsoft's zero-trust stack gives every AI agent in Windows 365 a unique identity.·NVDA +3.0%Nation-state groups exploit weak M365 admin controls—eight-step blueprint to prevent full tenant takeover·GOOGL +1.2%Pax8 Partners Gain Recurring Revenue with inforcer Copilot Readiness Service·AMZN +2.9%Microsoft 365 Baseline Security Mode: One-Click Hardening with Legacy Exclusions·MSFT +0.1%Microsoft Teams Phishing Attack Bypasses MFA via Fake IT Chat·NVDA +3.0%Inforcer Debuts Microsoft 365 Threat Detection Platform for MSPs·GOOGL +1.2%Fire and Emergency NZ Blocks Document Downloads to Personal Devices from June 2026·AMZN +2.9%

Microsoft 365 Security

The latest Microsoft 365 Security coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 11:28 PM
Latest Most Read Breaking
Sort
Copilot Studio · Microsoft 365 Security

Copilot Studio's maker auth model enables prompt injection attacks across enterprise tools and connectors.

Microsoft's Copilot Studio agents are becoming a staple in enterprise automation, but security researchers are raising alarms about a critical design flaw: the way these agents authenticate and...

Advertisement
Conditional Access · Microsoft 365 Security

Microsoft 365 Baseline Security Mode: One-Click Hardening with Legacy Exclusions

Microsoft has quietly rolled out Baseline Security Mode, a new opt-in feature in the Microsoft 365 admin center that allows organizations to apply a comprehensive set of security recommendations with...

SE Security Desk·5w ago
Identity Attack Surface · Mfa Phishing

Microsoft Teams Phishing Attack Bypasses MFA via Fake IT Chat

Attackers are exploiting Microsoft Teams to pose as IT support, trick users into granting external access, and bypass multi-factor authentication protections. On June 8, 2026, Palo Alto Networks'...

SE Security Desk·5w ago
Identity Security · Incident Response

Inforcer Debuts Microsoft 365 Threat Detection Platform for MSPs

Inforcer on June 8, 2026, unveiled a dedicated threat detection and response platform engineered specifically for managed service providers (MSPs) safeguarding Microsoft 365 environments. The launch...

SE Security Desk·5w ago
Byod Device Governance · Microsoft 365 Security

Fire and Emergency NZ Blocks Document Downloads to Personal Devices from June 2026

{ "title": "Fire and Emergency NZ Blocks Downloads to Personal Devices (Browser-Only Access)", "content": "Fire and Emergency New Zealand (FENZ) has announced it will prevent users from...

SE Security Desk·5w ago
Ai Governance · Compliance Retention

AI Governance: Monitoring Human-AI and Agent-to-Agent Conversations in Microsoft 365

Theta Lake dropped a bombshell on the compliance world this week. The California-based collaboration security vendor declared that organizations must start treating “aiComms”—human-to-AI and...

AI AI & Copilot Desk·6w ago
Cve-2026-48579 · Exchange Online

CVE-2026-48579 Exchange Online Info Disclosure: What Administrators Need to Know

Microsoft has officially listed CVE-2026-48579 as an information disclosure vulnerability affecting Microsoft Exchange Online, according to a recent entry in the Security Update Guide. The...

SE Security Desk·6w ago
Identity And Access · Mfa And Conditional Access

Malicious Microsoft 365 Logins Surge 25% from US, UK—Stop Trusting Low-Risk Country Checkmarks

Malicious login attempts targeting Microsoft 365 accounts from the United States and United Kingdom soared by roughly 25 percent in April 2026, according to new data from Barracuda Networks. The...

SE Security Desk·6w ago
Entra Id · Identity Posture Management

Huntress Flags Rampant M365 Identity Gaps: MFA Neglect, Admin Overprivilege, Weak Passwords

Huntress has released alarming findings from the initial deployment of its new Identity Security Posture Management (ISPM) tool, revealing pervasive misconfigurations across Microsoft 365...

SE Security Desk·6w ago