Teams Live Events dies June 30 — migrate now. Exchange Server OWA has an active XSS CVE. Meanwhile, Purview ships posture reporting, Copilot Studio goes fully agentic with computer-use GA, and Entra tackles shadow tenant sprawl.
Read digest →CVE-2026-42897 demands immediate patch action on all on-prem Exchange deployments, while Teams Live Events hits its June 30 retirement deadline — but this week also delivers real capability unlocks across AI agent governance, Purview posture reporting, and Entra multi-tenant visibility.
Read digest →Entra Agent ID and configurable token lifetimes hit GA, CBA on iOS is fully unblocked, and a Microsoft Connect Sync to Cloud Sync migration signal demands a hybrid identity review.
Read digest →A credential-only cloud breach, an actively exploited Linux vulnerability, and a hard November deadline for SAP integrations headline a week that demands attention from identity, security, and IT leadership.
Read digest →Dirty Frag is being actively exploited on Linux endpoints. Storm-2949 proves credentials alone are enough to wipe a cloud environment. Know what needs action now.
Read digest →Two hard June deadlines, hotpatch going default across all eligible devices, and Agent 365 is now the live control plane for AI governance. This week has teeth.
Read digest →The weekly Microsoft 365 change digest built for engineers who actually have to act on it — not summaries, operational signal.
Read digest →