Signal Roundup — 20 June 2026
Five items this week: Conditional Access extends to baseline-scope sign-ins, self-service password reset will require registered authentication methods, a North Korean npm supply-chain compromise, an AI-agent host takeover from a single web page, and central authorization for Claude's MCP connectors.
Signal Roundup — 24 May 2026
Four items: Microsoft Entra ID Account Recovery and Purview DSPM reach GA; Exchange Online DLP shifts OWA client-side checks from Transport to Data Classification Services; AutoRest deprecation puts the Graph PowerShell SDK pipeline at risk; and Search-UnifiedAuditLog gains a MoreRecordsAvailable property.
Week 20, 2026 — Signal Roundup
Entra ID begins enforcing Conditional Access for OIDC-only sign-ins; Windows Autopatch hotpatch goes on by default; Defender XDR alert tuning reaches GA; Purview adds dynamic-group label scoping; and Patch Tuesday fixes 120 vulnerabilities.