Microsoft

Code injection attacks using publicly disclosed ASP.NET machine keys

In December 2024, Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver ...
theregister

'Skeleton Key' attack unlocks the worst of AI, says Microsoft

Microsoft on Thursday published details about Skeleton Key – a technique that bypasses the guardrails used by makers of AI models to prevent their generative chatbots from creating harmful content. As ...
Visual Studio Magazine

VS Code Expands AI Flexibility with Bring Your Own Key

Microsoft announced expanded AI model support in Visual Studio Code through a new Bring Your Own Key (BYOK) capability that lets developers connect models from different providers by entering their ...