Microsoft has integrated the Power Automate workflow experience directly into SharePoint Online. This allows users to view, create, and manage workflows without leaving the SharePoint site interface. This also introduces a context-aware “Mad-Lib” style automation experience that automatically prefills trigger inputs such as SharePoint sites, lists, and libraries to simplify workflow creation.
Storm-2949 is a sophisticated identity-based attack campaign where a single compromised Microsoft 365 account can lead to wider access across Microsoft 365 and Azure environments. Instead of relying on malware, the attackers abused trusted Microsoft services, MFA workflows, tokens, and permissions to silently move deeper into the environment.
The new Security Detection Report in the Teams admin center helps admins monitor messaging threats across Teams, including impersonation attempts, malicious links, and weaponizable file types. Available from late June 2026, it enables admins to review threats, export detection details, and block malicious external users identified in the report.
Microsoft has rolled out a redesigned dashboard in the Microsoft 365 admin center that brings together the management of Microsoft 365 services, Copilot, AI agents, and more. The updated experience introduces a cleaner layout, streamlined navigation, and centralized insights across users, licensing, service health, and recommendations.
AI tools and agents boost productivity, but unmanaged usage often leads to hidden data leaks and security gaps. Microsoft introduces the Shadow AI page in the Microsoft 365 admin center (Frontier preview) to help you identify and block unauthorized AI agents before they become a risk.
Microsoft Entra ID Account Discovery, currently in preview, gives admins better visibility into user accounts across enterprise applications in Entra ID. By classifying accounts as local, unassigned, or assigned, it highlights mismatches and disconnected users before provisioning. Since this feature isn’t enabled by default, admins need to opt in at the tenant level to start using it.
Struggling to automate secure monitor manage M365?
Try AdminDroid for Free!Get Microsoft 365 Security tips & best practices
Detect Storm-2949 attacks in Microsoft 365 using AdminDroid. Identify and act early before it escalates into a cloud breach
8 min read
Learn how to control unmanaged device access in SharePoint Online to protect data by limiting or blocking access from non-compliant devices at tenant and site level.
11 min read
Explore default user permissions in Microsoft 365 and learn how to manage these built-in settings that are enabled by default.
13 min read
Discover how the Shadow AI page in Microsoft 365 helps you identify, monitor, and block unauthorized AI tools to reduce risk and secure usage.
4 min read
Discover the top Microsoft 365 security settings you should disable to reduce risks, prevent data exposure, and strengthen tenant security.
16 min read
Learn how to prevent calendar phishing attacks in Microsoft 365 and protect users from malicious meeting invites that bypass email security.
12 min read
Learn how to configure Multi Admin Approval in Intune to prevent accidental device wipes and add an extra layer of administrative control.
11 min read
Explore how ConsentFix attack abuses trusted Microsoft 365 first-party app access and learn mitigations to prevent OAuth token misuse.
15 min read
Explore Microsoft’s new Security Dashboard for AI in public preview to monitor AI assets, risks, and security posture in one place.
6 min read
Explore step-by-step methods to identify insecure RC4 usage in Active Directory Kerberos tickets and disable them to strengthen security.
16 min read
Learn how to protect email data on unmanaged devices using app protection policy in Microsoft Intune.
12 min read
Discover the top Microsoft 365 admin blogs of 2025, featuring the latest tips and best practices to help you manage your M365 environment.
15 min read