Microsoft has officially discontinued the Collections and Sidebar features in Edge version 149 to focus on AI integration. Collections previously allowed users to organize web research, shopping items, and travel plans with rich visual previews and notes. This change marks a significant shift in the browser's development strategy under the current Microsoft AI leadership team.

Source

A self-replicating worm named Miasma has successfully compromised 73 Microsoft GitHub repositories across several organizations, including Azure and MicrosoftDocs. GitHub staff responded by disabling access to high-profile repositories such as the Azure Functions host and various Durable Task implementations. This incident appears to be a continuation of a previous compromise, suggesting that the threat actors maintained access to credentials from earlier attacks.

Source

An autonomous AI agent recently discovered 21 previously unknown vulnerabilities in the FFmpeg media library, some of which had remained hidden for over 20 years. These flaws include heap and stack overflows in various parsers and decoders that are widely used across numerous video processing applications. The discovery highlights how AI tools can now perform deep security analysis of complex codebases at a significantly lower cost than traditional manual methods.

Source

Google has launched Gemma 4 QAT, a series of open-weights models optimized for local execution on hardware with limited memory. These models utilize Quantization-Aware Training to simulate lower-precision calculations during the training phase, which preserves output quality even when the model files are heavily compressed. The release includes a 12B parameter version specifically designed to run on standard enterprise laptops equipped with 16GB of RAM or unified memory.

Source

A critical vulnerability in the Hugging Face Transformers library, tracked as CVE-2026-4372, allows attackers to execute arbitrary code through specially crafted model configuration files. The flaw bypasses the standard security setting intended to block untrusted remote code by exploiting how the library processes internal attributes during model loading. This vulnerability specifically targets the from_pretrained() function, which is a standard method used to initialize pre-trained models from the Hugging Face Hub.

Source

OpenAI is expanding the availability of Lockdown Mode to all eligible personal and self-serve ChatGPT Business accounts. This advanced security setting is designed to mitigate the risk of data exfiltration resulting from prompt injection attacks. While the feature provides enhanced protection for sensitive data, it functions by disabling several core capabilities that require external network connectivity.

Source

Microsoft has released a new update package designed to refresh the security definitions and engine within Windows installation images. These updates target WIM and VHD files as well as ISOs used for deploying operating systems across the network. By integrating these patches into the installation media, the protection gap that exists between the initial OS setup and the first online update is significantly reduced.

Source

Microsoft has officially acknowledged that the Windows 11 modern context menu suffers from performance lag caused by late-loading app extensions. These extensions, which include options like "Edit with Clipchamp" or "Ask Copilot," often cause the menu to shift or resize while a user is attempting to click an item. This behavior frequently leads to misclicks and frustration, particularly on systems with lower hardware specifications where the delay is more pronounced.

Source

WSL container is a new feature coming to the Windows Subsystem for Linux (WSL), announced at Microsoft Build 2026. It provides a built-in way to run OCI-compatible Linux containers on Windows without third-party tools like Docker Desktop. The feature includes two parts: a command-line tool, wslc.exe, and a developer API. As of June 2026, it is in active development and has not shipped as part of a stable WSL release.

Source

Microsoft researchers discovered a vulnerability in Anthropic’s Claude Code GitHub Action that allowed attackers to exfiltrate sensitive CI/CD secrets. While the tool used sandboxing for command execution, its file-reading capabilities were not initially restricted by the same security boundaries. This oversight allowed the AI agent to read internal system files, such as environment variables containing API keys, when manipulated by malicious input.

Source

Anthropic reports that artificial intelligence is increasingly designing its own successor models through a process known as recursive self-improvement. Development trends show that AI agents are managing significantly longer tasks, with capabilities evolving from completing four-minute functions to handling complex twelve-hour engineering problems within two years. As these systems move toward full autonomy, human developers are being abstracted away from direct coding and research, shifting their focus toward high-level goal setting and verification.

Source

Microsoft recently unveiled MAI-Thinking-1, a new in-house reasoning model designed to reduce its reliance on OpenAI technology. The company marketed the model to enterprise customers as being trained on a clean and commercially licensed data lineage to minimize legal risks. This flagship model features a mixture-of-experts architecture with 35 billion active parameters and a 256K context window for advanced software engineering tasks.

Source

Microsoft has resumed the automatic installation of the Copilot application on eligible Windows PCs that currently run Microsoft 365 desktop apps. This deployment is being executed in phases throughout June and early July, with a final completion date set for July 1. While the application will appear on systems automatically, it does not grant users access to paid features without a valid subscription.

Source

Microsoft now permits customers to apply existing SQL Server licenses toward usage on Amazon Relational Database Service (RDS). This change allows organizations with Software Assurance to move their database workloads to a managed service without paying for licenses a second time. Previously, bringing existing licenses to the AWS cloud was restricted to self-managed virtual machines on Elastic Compute Cloud (EC2).

Source

Microsoft CEO Satya Nadella recently issued a sharp internal rebuke following the leak of a strategy document regarding the company's new AI tool, Scout. The memo, authored by Corporate Vice President Omar Shahine and Jakob Werner, proposed a three-phase plan to transition the software from an "addictive app" to an "agentic platform." Nadella responded to approximately 50 senior leaders, stating that creating addiction is "absolutely a non-goal" for the company's artificial intelligence development.

Source

Cloudflare has launched new spend control features within its AI Gateway to help organizations manage rising costs associated with large language models. The tool acts as a proxy between applications and AI providers like OpenAI or Anthropic to provide visibility into token usage. It now supports the creation of budgets in dollar amounts rather than just token counts to prevent unexpected overages.

Source

Cisco IT successfully addressed frequent network outages by consolidating its fragmented observability tools into a single platform. Previously, critical diagnostic data was scattered across various systems like Elastic, Prometheus, and Grafana, preventing teams from correlating signals during major incidents. By migrating all logs and metrics to a unified architecture, the organization gained a holistic view of its global infrastructure spanning over 100,000 endpoints.

Source

Microsoft is phasing out the custom master password feature in the Edge browser's built-in password manager. Starting June 4, 2026, the browser will transition all users to device-based authentication methods for protecting saved credentials. This shift aims to eliminate the risks associated with static primary passwords that can be stolen or shared.

Source

Uber recently exhausted its entire 2026 AI budget by April after aggressively deploying coding tools across its engineering department. This rapid consumption was fueled by internal leaderboards that incentivized employees to maximize their use of generative models. To regain financial control, the company has now implemented a $1,500 monthly spending cap per engineer for tools like Claude Code and Cursor.

Source