Longtime Slashdot reader UnknowingFool writes: On April 15, 2026, a Microsoft employee made a change to Visual Studio Code and pushed it within 8 hours without review, notification, or documentation. The change added "Co-authored-by: Copilot" by default to the end of commit messages in Git when Copilot was used in creating the code. However, the implementation was bugged, and the message was added to every commit regardless if Copilot was used or disabled. Since this message was automatically added to the end of commit messages, users were not aware of it as the UI does not show this addition when making commits. The change as been reverted as of May 3, but not before 1.4 million commits were made. Unfortunately, those messages cannot be cleansed and are permanent.

Read more of this story at Slashdot.

The malicious emails claim to contain a conduct report and lure victims to a Microsoft phishing website that leverages AitM.

The post Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations appeared first on SecurityWeek.

Microsoft has confirmed that the April 2026 security updates are causing failures in third-party backup applications using the psmounterex.sys driver. [...]

Microsoft Defender is detecting legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, resulting in widespread false-positive alerts, and in some cases, removing certificates from Windows. [...]

Microsoft has confirmed that Windows 11 is getting a new modern Run dialog with dark mode support and faster performance in a new preview build. [...]

Microsoft has fixed a known issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files. [...]

Microsoft has updated a Windows 11 in-box app removal policy introduced in October to include a dynamic list that lets IT admins choose which preinstalled Store apps to uninstall. [...]

Microsoft has released the KB5083631 optional cumulative update for Windows 11, which includes 34 changes, such as a new Xbox mode for Windows PCs, enhanced security and performance for batch files, and performance improvements for launching startup apps. [...]

The April 2026 KB5083769 security update breaks third-party backup applications from multiple vendors on systems running Windows 11 24H2 and 25H2. [...]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their Windows systems against a vulnerability exploited in zero-day attacks. [...]

Illinois Rep. Delia Ramirez is taking over as the top Democrat on the House Homeland Security panel’s cybersecurity subcommittee, replacing former Rep. Eric Swalwell after his resignation.

Committee Democrats approved the change Tuesday at a meeting prior to a “shadow hearing” without the GOP majority, focused on protecting elections from Trump administration interference.

Ramirez first won election to Congress in 2022 and was reelected in 2024. She has served as the vice ranking member of the committee since 2023. She is now the ranking member of the Subcommittee on Cybersecurity and Infrastructure Protection.

She has leveled criticisms during committee hearings about the Trump administration’s personnel cutbacks at the Cybersecurity and Infrastructure Security Agency, and was critical of how data was secured under the administration’s Department of Government Efficiency initiative led by Elon Musk.

“Under a Musk and Trump presidency, it’s clear that the security of Americans’ information is not a priority. I mean, a private civilian with no security clearance bullied his way into the Treasury, set up private servers, and stole sensitive information from an agency. If that isn’t a national security crisis, a cybersecurity  crisis –then I don’t know what is,” Ramirez said at an early 2025 hearing. “The true threat to our homeland security is ‘fElon’ Musk, Trump, and their blatant misuse of power to steal information and coerce employees to leave agencies.”

She cosponsored legislation last year meant to strengthen the cybersecurity workforce by promoting measures to help workers from underrepresented and disadvantaged communities to join the field.

But she also had criticisms of U.S. cybersecurity under the Biden administration, including of Microsoft’s role in the SolarWinds breach.

In a statement about her appointment Tuesday, Ramirez took aim at at Trump, Vice President JD Vance, Department of Homeland Security Secretary Markwayne Mullin and White House homeland security adviser Stephen Miller.

“It’s clear that the security of our communities’ information, federal networks, and critical infrastructure have not been priorities” under them, she said. “Between the security failures of DOGE, the abuses of immigrant families’ data, and the decimation of CISA’s workforce and resources, Republicans have demonstrated a lack of interest in safeguarding our nation’s cybersecurity and our residents’ civil rights and privacy. In neglecting necessary oversight, Republicans have deregulated emerging technologies, allowed bad actors to profit from violations of our civil rights, and consented to the weaponization of government systems. It is more critical than ever that we assert our Congressional authority and disrupt the blatant corruption making us all less safe.”

Swalwell left the position following his resignation from Congress as a representative from California amid allegations of sexual misconduct.

Her ascension completes a full leadership turnover for the subcommittee. Rep. Andy Ogles, R-Tenn., took over the gavel late last year after former chairman Andrew Garbarino, R-N.Y., took over as chairman of the full committee.

The subcommittee is set to hold a hearing Wednesday on CISA and its role as the sector risk management agency for a number of critical infrastructure sectors.

Updated 4/28/26: to include comment from Ramirez.

The post Rep. Delia Ramirez takes over as top House cybersecurity Dem appeared first on CyberScoop.

Microsoft says it will start blocking legacy TLS connections for POP and IMAP email clients in Exchange Online starting in July 2026. [...]

Microsoft has confirmed a new issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files. [...]

After addressing a widespread outage that affected Outlook.com users worldwide on Monday, Microsoft has asked iPhone users to re-enter their credentials to regain access to their Outlook and Hotmail accounts via the default Mail app. [...]

A Chinese national allegedly involved in a massive, pandemic-era attack spree that compromised nearly 13,000 U.S. organizations was extradited from Italy to the United States and formally charged in federal court, the Justice Department said Monday.

Xu Zewei and his co-conspirators are accused of exploiting a string of zero-day vulnerabilities in Microsoft Exchange Server to steal research on COVID-19 vaccines, treatment and testing during the initial wave and subsequent height of the pandemic.

His alleged crimes, directed by China’s intelligence services, were part of a broader espionage campaign known as HAFNIUM, which targeted infectious disease experts, law firms, universities, defense contractors and policy think tanks, according to an indictment filed against Xu and Zhang Yu, who remains at large. 

The China state-sponsored threat group behind those attacks against Microsoft customers, and many other vendors’ customers since, is now more widely known as Silk Typhoon.

“Xu will now answer for his alleged role in HAFNIUM, a group responsible for a vast intrusion campaign directed by China’s Ministry of State Security that compromised more than 12,700 U.S. organizations,” Brett Leatherman, assistant director of the FBI’s Cyber Division, said in a statement.

“He is one of many contractors the Chinese government uses to obscure its hand in cyber operations, and others who do the same face the same risk,” he added.

Xu allegedly committed the attacks while working for Shanghai Powerock Network, one of many companies that conducted attacks for China’s various intelligence services, according to court records.

Italian authorities arrested Xu at the United States’ request in Milan in July. His capture underscores a window of opportunity U.S. officials and allies can take when nation-state attackers travel to countries that cooperate with the United States.

Italy extradited Xu to the United States Saturday but didn’t release his extradition orders until Monday, Simona Candido, his attorney in Italy, told CyberScoop.

Officials said Monday marked Xu’s first appearance in the U.S. District Court for the Southern District of Texas. He is currently being held at a federal prison in Houston.

“We have pursued this moment across years and continents, and the message this office sends today is the same one we sent when we first unsealed this indictment: we will work to protect the American people,” John G.E. Marck, acting U.S. attorney for the Southern District of Texas, said in a statement.

Xu allegedly worked under the direction of China’s Ministry of State Security’s Shanghai State Security Bureau to break into U.S. organizations’ networks, steal data and implant webshells for persistent remote access. Officials also accuse Xu of stealing information regarding U.S. policymakers and government agencies from a global law firm with offices in Washington. 

Microsoft first warned customers about the HAFNIUM campaign in March 2021. The FBI and Cybersecurity and Infrastructure Security Agency followed soon after with a joint advisory about the widespread compromise of Microsoft Exchange Server. 

“Today’s law enforcement action demonstrates the real-world consequences of this state-led activity, which is fueled by a vast network of private companies operating under the direction of the Chinese government,” Aaron Shraberg, senior team lead of global intelligence at Flashpoint, told CyberScoop.

“Extraditing these individuals from countries in coordination with international law enforcement demonstrates a united stance on these actions, and the importance of bringing real-world consequences to China’s notorious targeting of not just the American people and their businesses, but individuals globally as well,” Shraberg added.

Xu is charged with conspiracy to commit wire fraud; two counts of wire fraud; conspiracy to cause damage to and obtain information by unauthorized access to protected computers, to commit wire fraud, and to commit identity theft; two counts of obtaining information by unauthorized access to protected computers; two counts of intentional damage to a protected computer; and aggravated identity theft. 

The 34-year-old faces up to 62 years in prison for his alleged crimes.

The post Chinese national extradited to US for pandemic-era Silk Typhoon attacks appeared first on CyberScoop.

Microsoft is investigating an ongoing Outlook.com outage that is causing intermittent signing issues and preventing customers from accessing their mailboxes. [...]

Microsoft says it's rolling out a revamped Windows Insider Program experience as part of the broader plans to address performance and reliability concerns affecting Windows 11. [...]

Microsoft is rolling out Windows Update improvements that give users more control over how updates are installed while reducing disruption from frequent or poorly timed restarts. [...]

Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected resources from Windows devices starting late April. [...]

Microsoft says IT administrators can now uninstall the AI-powered Copilot digital assistant from enterprise devices using a new policy setting, which has become broadly available after the April 2026 Patch Tuesday. [...]