DEV Community: Abhishek Dave

Pinterest Enhances Reliability and Quality Amid AI Content Flood

Abhishek Dave — Thu, 05 Jun 2025 06:30:48 +0000

Originally published at ssojet

Pinterest detailed its approach to network throttling challenges encountered while operating on Amazon EC2 instances. The platform, serving over 550 million monthly active users, faced increased latency and disruptions in its machine learning feature store, KVStore. Network performance limitations were linked to specific EC2 instance types, which provided burstable performance but not guaranteed bandwidth.

In 2024, Pinterest initiated migration to AWS's Nitro-based instance families, transitioning from i3 to i4i instances. This shift introduced challenges during bulk data uploads from Amazon S3 to their databases, resulting in performance degradation and application timeouts. Pinterest implemented strategies to mitigate EC2 network throttling, including selecting instances with higher baseline bandwidth and traffic shaping techniques to regulate data flow.

Additionally, Pinterest distributed workloads across multiple instances to reduce the risk of overloading any single resource. These strategies effectively minimized latency spikes and service disruptions, ensuring a smoother experience for users.

Pinterest's Response to AI-Generated Content

Pinterest plans to enhance user experience by implementing broader labeling of AI-generated content. A Pinterest spokesperson stated, "We have been building labeling of AI-generated or modified content to provide relevant context to users about what they see on Pinterest," and assured that they will continue to expand these labels in the coming months. Despite complaints about AI-generated content dominating users' feeds, Pinterest noted that impressions on generative AI content make up a small percentage of total impressions.

User Complaints Regarding AI Content

Users have expressed concerns about AI-generated pins overwhelming their feeds on Pinterest. The influx of AI content, referred to as "AI slop," has led to frustrations about the authenticity of inspiration found on the platform. Many users have turned to Reddit to voice their dissatisfaction, arguing that the platform prioritizes AI automation over user experience. Complaints include feelings of being bombarded with ads and the difficulty in distinguishing between human-made content and AI-generated images.

AI Solutions and User Control Features

Pinterest is introducing new features to address the AI content issue. The "AI Modified" label will inform users when pins have been generated or modified using generative AI. This feature will utilize image metadata and classifiers to detect generative AI content. An additional "see fewer" option will allow users to customize their feeds based on their preferences for generative AI content in specific categories.

Transparency is crucial as Pinterest users seek inspiration based on human creativity. The AI labels and user control features represent a proactive approach to enhancing the platform's integrity while navigating the evolving landscape of AI-generated content.

Secure Authentication Solutions for Businesses

As businesses like Pinterest navigate challenges in user experience and content authenticity, secure authentication becomes paramount. SSOJet offers enterprise clients secure Single Sign-On (SSO) and user management through an API-first platform. With features such as directory sync, SAML, OIDC, and magic link authentication, SSOJet ensures robust security measures that enhance user experience and protect against breaches.

For businesses looking to strengthen their authentication processes, explore SSOJet's offerings at SSOJet.

Exploiting DevOps APIs: The Rising Threat of Cryptojacking

Abhishek Dave — Wed, 04 Jun 2025 05:57:59 +0000

Originally published at ssojet

Cybersecurity researchers have identified a significant cryptojacking campaign, named JINX-0132, targeting publicly accessible DevOps applications such as Docker, Gitea, and HashiCorp Consul and Nomad. Attackers exploit known misconfigurations and vulnerabilities to deploy cryptocurrency miners like XMRig, leveraging large compute resources that could cost organizations tens of thousands of dollars per month.

Image courtesy of The Hacker News

Exploitation Techniques

The attackers use off-the-shelf tools from public GitHub repositories rather than relying on proprietary infrastructure, which complicates detection and attribution. Their approach signifies a shift in the threat landscape, focusing on exploiting misconfigurations rather than traditional malware deployment.

Wiz researchers highlighted that attackers are particularly focused on the following applications:

HashiCorp Nomad: A scheduler and orchestrator for deploying applications. The default settings allow any user with access to create and run jobs, leading to potential remote code execution (RCE) if not properly secured. More details can be found in the Nomad Security Model.
HashiCorp Consul: A service networking tool that can be abused if not configured with access control lists, allowing unauthorized users to register services and potentially execute arbitrary commands.
Docker API: The Docker API is often misconfigured, allowing attackers to perform actions such as spinning up containers or executing commands without authentication. Refer to the Docker API documentation for best practices.
Gitea: A self-hosted Git repository manager that can suffer from RCE vulnerabilities if misconfigured or left with insecure defaults. For instance, older versions are vulnerable to CVE-2020-14144.

Vulnerability Statistics

Wiz reports that 25% of cloud environments are running at least one of these technologies, with significant numbers exposed to the internet. Specifically, among those using these tools, 5% directly expose them, and 30% of those deployments exhibit misconfigurations.

Security Recommendations

Organizations must implement best practices to mitigate the risks associated with these vulnerabilities:

For Nomad: Enable access control lists (ACLs) to restrict unauthorized access to the job execution feature.
For Consul: Disable script checks and restrict the HTTP API to bind only to localhost.
For Docker: Ensure that the API is not exposed to the internet to prevent unauthorized access.
For Gitea: Regularly update to the latest versions and do not enable Git hooks unless necessary.

Implementing secure single sign-on (SSO) solutions can enhance security across these applications. By utilizing SSOJet’s API-first platform, businesses can implement directory synchronization, SAML, OIDC, and magic link authentication, thereby safeguarding their DevOps environments.

Continuous Monitoring and Detection

To effectively protect against cryptojacking and similar attacks, continuous monitoring and detection mechanisms are essential. The use of tools that identify misconfigurations and unsecured endpoints can significantly reduce the risk of exploitation.

Conclusion

To defend against the evolving threat landscape, organizations must prioritize security configurations, leverage robust authentication methods, and maintain vigilant monitoring practices. SSO solutions from SSOJet can provide an added layer of protection, ensuring that access to critical DevOps tools is tightly controlled and monitored.

For further insights into securing your DevOps environment, explore SSOJet’s services or contact us at https://ssojet.com.

CISA Alerts Active Exploitation of ConnectWise ScreenConnect Bug

Abhishek Dave — Wed, 04 Jun 2025 05:57:01 +0000

Originally published at ssojet

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.

CVE-2024-1709 ConnectWise ScreenConnect Authentication Bypass Vulnerability
CISA urges organizations to review the ConnectWise Security Bulletin and apply the necessary updates: ConnectWise ScreenConnect 23.9.8 security fix.

These vulnerabilities are frequent attack vectors for malicious actors and pose significant risks. The Binding Operational Directive (BOD) 22-01 mandates that Federal Civilian Executive Branch (FCEB) agencies remediate identified vulnerabilities by the due date.

CISA strongly encourages all organizations to prioritize timely remediation of Catalog vulnerabilities in their vulnerability management practices.

Vulnerability Details: CVE-2024-1709

Public exploit exists! ConnectWise ScreenConnect versions 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, potentially allowing attackers direct access to confidential information or critical systems.

ConnectWise has confirmed that the flaw is linked to ransomware campaigns.
The vulnerability is rated with a critical severity score of 10.0, indicating it is highly exploitable.
The exploit is classified under the CWE-288 Authentication Bypass Using an Alternate Path or Channel.

Mitigation steps include applying vendor instructions to remediate or discontinuing use of the product if mitigations are unavailable.

CISA Warns of ConnectWise ScreenConnect Bug Exploited in Attacks

CISA alerts U.S. federal agencies of hackers exploiting a recently patched ScreenConnect vulnerability that could lead to executing remote code on the server.

Image courtesy of BleepingComputer

The vulnerability, tracked as CVE-2025-3935, can be exploited for a ViewState code injection attack. ConnectWise notes that ASP.NET Web Forms relies on the ViewState component to preserve page and control state using base64-encoded data.

If an attacker compromises the machine keys, they could trigger remote code execution on the server through malicious payloads. Following the recent ConnectWise breach, this vulnerability has raised alarms among cybersecurity professionals.

CISA has listed this vulnerability along with four other security issues affecting ASUS routers and Craft CMS, indicating a broader concern in cybersecurity resilience.

CISA Alerts on ConnectWise ScreenConnect Authentication Vulnerability Actively Exploited

A critical improper authentication vulnerability in ConnectWise ScreenConnect has been designated as CVE-2025-3935 and mapped to CWE-287.

The flaw exposes all ScreenConnect versions up to and including 25.2.3 to ViewState code injection attacks that could result in remote code execution (RCE) if machine keys are compromised. This vulnerability is rated high severity (CVSS 8.1/10) and is considered a priority risk.

Security researchers emphasize that the flaw’s impact extends beyond typical authentication bypass scenarios.
By injecting arbitrary code into ViewState payloads, attackers could execute commands on underlying servers with the same privileges as the ScreenConnect service account.

Organizations using unpatched ScreenConnect versions face heightened risks of credential harvesting and system hijacking. CISA recommends applying patches immediately and isolating ScreenConnect servers from broader networks as urgent measures.

Mitigation, Compliance, and Upgrade Guidance

ConnectWise has issued urgent guidance and patches to mitigate the vulnerability.

Immediate upgrade to ScreenConnect version 25.2.4 is necessary to disable ViewState and remove its dependency.
For on-premises instances, manual upgrade is mandatory for all deployments running 25.2.3 or earlier.
Security hardening measures should include resetting administrator passwords, enabling multi-factor authentication (MFA), and monitoring for unusual activity.

Organizations are urged to follow CISA’s Binding Operational Directive (BOD) 22-01 for remediation of known exploited vulnerabilities. Continuous monitoring and integration of the Known Exploited Vulnerabilities catalog into vulnerability scanning tools are essential to maintain security posture.

For organizations looking to enhance their security against similar vulnerabilities, implementing secure single sign-on (SSO) solutions like SSOJet can streamline user management while ensuring enterprise-grade authentication standards. Visit SSOJet to explore our API-first platform featuring directory sync, SAML, OIDC, and magic link authentication.

OpenAI Codex Transitions to Rust: Enhancing Efficiency and Power

Abhishek Dave — Wed, 04 Jun 2025 05:55:42 +0000

Originally published at ssojet

OpenAI has transitioned its Codex CLI to Rust, moving away from the previous stack of React, TypeScript, and Node. This change aims to enhance security and performance while providing a better developer experience. As stated in the announcement, the primary motivations behind this rewrite include:

Zero-dependency Install: The previous requirement of Node v22+ was a barrier for some users. The Rust version eliminates this issue.
Native Security Bindings: The new implementation benefits from Rust's capabilities for Linux sandboxing, which enhances security.
Optimized Performance: Rust's design avoids runtime garbage collection, leading to reduced memory usage.
Extensible Protocol: The Codex CLI will support a "wire protocol" for extending its functionality in multiple programming languages, including JavaScript and Python. Codex CLI on GitHub.

The Codex CLI's Rust implementation is still in development alongside bug fixes for the TypeScript version until feature parity is achieved. Developers can test the new version with the command:

npm i -g @openai/codex@native
codex

Image courtesy of DEVCLASS

Benefits of Using Rust for Codex CLI

Rust offers several advantages that make it suitable for the Codex CLI rewrite:

Performance: Rust is generally more efficient than JavaScript running on the V8 engine, which is used by Node.js. The lack of garbage collection in Rust allows for more predictable performance.
Security: Rust’s strong type system and ownership model help eliminate many common classes of bugs during compile-time.
Extensibility: The new CLI will allow developers to extend its capabilities in various languages, ensuring versatility and community contributions.

This rewrite aligns with a broader trend in the industry where companies are increasingly shifting to Rust for performance-critical applications. Microsoft, for example, is also adopting Rust for new developments that do not require garbage collection. Microsoft's commitment to Rust.

Claude 4 AI Model: A New Standard for AI Coding

Anthropic has launched Claude 4, introducing two variations: Opus 4 and Sonnet 4, which are designed to push the boundaries of AI coding capabilities. Opus 4 is targeted at complex, long-running tasks, capable of operating autonomously for hours. Key features include:

Hybrid Reasoning: Claude 4 can switch between quick responses for simple queries and deep analysis for complex problems.
Extended Thinking: This allows the model to engage in multi-step reasoning while utilizing external tools.
Tool Use: Both Opus 4 and Sonnet 4 can integrate various tools during their operational processes, enhancing their utility.

Early benchmarks show Opus 4 achieving high scores on coding tasks such as SWE-bench and Terminal-bench, establishing it as a leader in the industry. Claude 4 on Ars Technica.

Image courtesy of DEV Community

Security and User Management with SSOJet

For enterprises focusing on robust authentication and user management, SSOJet's API-first platform offers secure Single Sign-On (SSO) capabilities, along with advanced features like Multi-Factor Authentication (MFA) and Passkey support. SSOJet integrates easily with existing systems, enhancing user experience while ensuring security.

SSOJet's platform supports:

Directory Sync: Seamlessly sync user directories for consistent access across applications.
SAML and OIDC Support: Provides wide compatibility with various identity management systems.
Magic Link Authentication: Offers a user-friendly alternative to traditional logins, improving security and ease of access.

Explore how SSOJet can streamline your authentication processes and enhance user experiences in your enterprise applications. For more information, visit SSOJet or contact us for personalized solutions.

EU Launches New Vulnerability Database to Enhance Cybersecurity

Abhishek Dave — Wed, 04 Jun 2025 05:54:53 +0000

Originally published at ssojet

European Vulnerability Database (EUVD) Launch

The European Union Agency for Cybersecurity (ENISA) has launched the European Vulnerability Database (EUVD), a new public platform designed to enhance coordination and transparency in vulnerability management across the EU. This platform operates alongside the established Common Vulnerabilities and Exposures (CVE) system but aims to offer unique functionalities tailored for the European digital landscape.

The EUVD aims to improve Europe’s digital resilience by supporting risk assessment and incident response. It utilizes the Vulnerability-Lookup repository to provide an open-access interface for reported vulnerabilities, including detailed descriptions and metadata. While it references MITRE’s CVE entries, the EUVD employs its own identification system, allowing for independent validation of reports.

Objectives and Features

The EUVD is developed under the NIS2 Directive, aiming to deliver aggregated, reliable, and actionable information on vulnerabilities impacting Information and Communication Technology (ICT) products and services. The platform features three dashboard views:

Critical Vulnerabilities
Exploited Vulnerabilities
EU Coordinated Vulnerabilities

This structured approach allows for better analysis and correlation of vulnerabilities, facilitating enhanced cybersecurity risk management.

Henna Virkkunen, European Commission Executive Vice-President for Tech Sovereignty, stated, “The EU Vulnerability Database is a major step towards reinforcing Europe's security and resilience.”

Integration with Existing Frameworks

ENISA collaborates with various EU and international organizations, including the MITRE CVE Programme, ensuring the integration of CVE data and advisories from national Computer Security Incident Response Teams (CSIRTs) into the EUVD. This cooperation enhances situational awareness and provides a comprehensive resource for cybersecurity professionals.

Moreover, as a CVE Numbering Authority (CNA), ENISA can now register vulnerabilities identified by EU CSIRTs, reinforcing its role in the European cybersecurity ecosystem.

Implications for Vulnerability Management

The EUVD launch comes at a critical time, as the CVE program faced funding uncertainties, prompting discussions around the future of centralized vulnerability infrastructure. The introduction of the EUVD signals a shift towards decentralized vulnerability management, encouraging organizations to track vulnerabilities across multiple registries.

Organizations must now adapt to this multi-source environment, requiring tools capable of integrating and correlating data from various platforms. The RapidFort Software Attack Surface Management (SASM) platform is one such tool that allows security and DevSecOps teams to manage vulnerabilities effectively by contextualizing data and prioritizing risks.

Target Audience and Call to Action

The launch of the EUVD is particularly relevant for enterprises focused on robust authentication and identity management solutions. Implementing secure Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Passkeys is crucial for organizations navigating this evolving threat landscape.

SSOJet offers an API-first platform that facilitates secure SSO and user management for enterprise clients, ensuring seamless integration with existing systems through directory sync, SAML, and OIDC protocols.

Explore our services or contact us at ssojet.com to enhance your security posture in the face of emerging cybersecurity challenges.

Conclusion

The EUVD not only complements existing vulnerability databases like CVE but also fosters greater independence in vulnerability management within the EU. As organizations adapt to this new landscape, leveraging tools that incorporate comprehensive vulnerability data will be vital for effective risk management.

Utilizing efficient authentication mechanisms, such as those offered by SSOJet, will further secure your systems against potential breaches and vulnerabilities.

Enhancing Kubernetes Security with AI-Powered Intrusion Detection

Abhishek Dave — Mon, 02 Jun 2025 11:17:09 +0000

Originally published at ssojet

Kubernetes, the standard for container orchestration, faces significant security challenges due to its complex architecture. Traditional security measures often fall short in addressing dynamic workloads and East-West traffic vulnerabilities. Zero trust security models are essential for protecting these environments.

Dynamic Workloads and Security Challenges

Dynamic workloads in Kubernetes necessitate adaptive security tools. Traditional static security policies cannot effectively monitor the rapid changes in container deployments. Tools such as eBPF can provide real-time visibility and threat mitigation capabilities, making them essential for modern Kubernetes security.

Limitations of Legacy Intrusion Detection Systems

Legacy intrusion detection systems (IDS) like Snort and Suricata are rule-based and require constant manual tuning. These systems often fail to provide the necessary visibility into Kubernetes-native applications. eBPF enhances IDS capabilities by enabling high-performance kernel-level monitoring.

Snort: An open-source IDS that inspects network traffic in real time, using predefined rule sets for threat detection.
Suricata: A next-generation IDS that offers deep packet inspection and anomaly detection, with integrated support for various protocols.

AI-Driven Enhancements in IDS

AI and machine learning significantly improve the effectiveness of IDS by providing advanced anomaly detection capabilities. By leveraging techniques like supervised and unsupervised learning, organizations can identify both known and novel threats more effectively.

Sample Code for Anomaly Detection

The following Python code snippet demonstrates the use of an Isolation Forest for detecting anomalies in network traffic:

from sklearn.ensemble import IsolationForest
import numpy as np

# Sample network traffic data
data = np.random.rand(100, 5) # 100 samples, 5 features
model = IsolationForest(contamination=0.05)
model.fit(data)
anomalies = model.predict(data)
print("Detected Anomalies:", sum(anomalies == -1))

Deployment of AI-Driven IDS in Kubernetes

To deploy an AI-driven IDS in Kubernetes, follow these steps:

Set up eBPF monitoring configuration: Attach eBPF programs to network sockets for real-time packet filtering.
Integrate Snort/Suricata: Analyze network packets through predefined rule sets.
Feed data to AI models: Utilize machine learning to enhance IDS accuracy.
Deploy in Kubernetes: Use a DaemonSet to run IDS agents on every node and apply Kubernetes Network Policies for security.

YAML Configuration for Snort Deployment

Deploying Snort in Kubernetes can be accomplished with the following YAML configuration:

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: snort-ids
spec:
  selector:
    matchLabels:
      app: snort
  template:
    metadata:
      labels:
        app: snort
    spec:
      containers:
      - name: snort
        image: snort/snort:latest
        securityContext:
          privileged: true

Automating Threat Response in a Zero Trust Framework

AI-driven IDS can trigger automated threat responses by integrating with Kubernetes security policies. This enables real-time elimination of threats, enhancing the effectiveness of security measures.

Real-Time Anomaly Detection and Automated Access Control

AI-powered IDS solutions like Snort and Suricata, combined with machine learning, allow for the immediate identification of unusual activities. This is crucial for maintaining security in Kubernetes environments.

Script for Blocking Malicious IPs

The following Python script demonstrates how to block a suspicious IP in Kubernetes:

import os

def block_ip(ip):
    os.system(f"kubectl annotate namespace default netpol.blocked-{ip}='deny'")

suspicious_ip = "192.168.1.100"
block_ip(suspicious_ip)
print(f"Blocked suspicious IP: {suspicious_ip}")

AI-Powered Security Capabilities

AI-powered security solutions offer numerous benefits, including advanced threat detection, reduced false positives, and scalability. These systems are essential for industries such as finance, healthcare, and government, where data protection is paramount.

Conclusion

SSOJet provides robust security solutions that integrate seamlessly with Kubernetes environments, ensuring secure SSO and user management. With features such as directory sync, SAML, OIDC, and magic link authentication, SSOJet is designed to meet the needs of enterprises looking to enhance their security posture.

Explore SSOJet's services or contact us today to learn how we can help you implement secure authentication measures in your organization. Visit us at https://ssojet.com.

NinjaTech and AWS Unveil Next-Gen AI Assistant for Productivity

Abhishek Dave — Mon, 02 Jun 2025 11:16:25 +0000

Originally published at ssojet

NinjaTech AI has launched a multi-agent personal AI assistant named Ninja, developed in partnership with Amazon Web Services (AWS). This assistant leverages AWS's custom machine learning chips, Trainium and Inferentia2, enabling the AI to plan and execute real-world tasks asynchronously, such as scheduling meetings and conducting complex research. AWS's infrastructure allows Ninja to handle multiple tasks simultaneously, thereby enhancing user productivity.

Image courtesy of NinjaTech AI

“Working with AWS's Annapurna Labs has been a genuine game-changer for NinjaTech AI. The power and flexibility of Trainium & Inferentia2 chips for our reinforcement-learning AI agents far exceeded our expectations,” stated Babak Pahlavan, founder and CEO of NinjaTech AI. This partnership enables NinjaTech to train its AI agents efficiently, saving up to 80% in costs while improving energy efficiency by 60%.

Ninja AI Features

Ninja AI is designed to assist users in various tasks, including real-time web research, scheduling, coding assistance, and drafting emails. It employs advanced large language models (LLMs) modified through techniques like reinforcement learning to maximize accuracy and speed. Users can compare results from models such as OpenAI's GPT-4, Anthropic's Claude 3, and Google's Gemini, thereby gaining the best possible outputs.

Image courtesy of NinjaTech AI

The service operates with a free tier, allowing users to complete a limited number of tasks daily. Paid subscriptions offer expanded functionalities, increasing the number of tasks available for users. Ninja AI supports integration with Google Calendar and will soon include Apple iCal, automating event scheduling and sending invitations on behalf of users.

Ninja AI's Technology Stack

NinjaTech AI utilizes AWS infrastructure to enhance the capabilities of its AI agents. The AI is trained on AWS Trainium instances, which provide high-performance compute clusters for faster LLM training while maintaining lower energy consumption. The Inferentia2 chip is employed for inference, offering up to 40% better price performance compared to traditional GPUs.

Image courtesy of NinjaTech AI

“Our collaboration with AWS has accelerated our development of a generative AI-based planner and action engine, essential for building state-of-the-art AI agents,” added Pahlavan. This partnership enables NinjaTech to create robust AI solutions that respond to the increasing demands for efficient productivity tools in the enterprise sector.

Ninja AI's Unique Value Proposition

Ninja AI distinguishes itself by providing users with a comprehensive suite of AI agents capable of performing diverse functions simultaneously. This asynchronous operation allows users to maintain their focus on other tasks while the AI handles scheduling, research, and more. The integration of various AI models under one platform simplifies the user experience and enhances overall productivity.

Ninja AI is now available for users at myninja.ai, representing a significant advancement in personal AI capabilities, particularly for professionals seeking to enhance their workflows.

For organizations looking to implement secure single sign-on (SSO) and user management, SSOJet offers an API-first platform that integrates seamlessly with directory synchronization, SAML, OIDC, and magic link authentication. Explore our services at SSOJet and contact us to streamline your authentication processes effectively.

Microsoft Invests $400 Million in Switzerland for AI and Cloud

Abhishek Dave — Mon, 02 Jun 2025 11:15:08 +0000

Originally published at ssojet

Microsoft will invest $400 million in Switzerland, targeting the enhancement of its cloud computing and artificial intelligence infrastructure. This decision was announced during a meeting with Swiss Economy Minister Guy Parmelin and Microsoft Vice Chair Brad Smith in Bern. The funding will primarily focus on upgrading four data centers located near Geneva and Zurich, addressing the growing demand for AI and cloud computing services in the region.

The investment aims to bolster data localization within Swiss borders, which is vital for industries like healthcare, finance, and government. Data privacy regulations in Switzerland necessitate that sensitive information remains within the country, making this expansion crucial for compliance and operational efficiency. The company currently employs around 1,000 individuals in Switzerland, though specific details regarding new job creation from this investment have not been disclosed.

Smith emphasized Switzerland's position as a leading innovation hub, stating, "Switzerland has created one of the world's leading innovation ecosystems, blending world-class research with real-world applications." This investment aligns with the increasing global trend of prioritizing secure data solutions and AI technologies to meet evolving market demands.

Impact on Local Economy and Partnerships

The $400 million investment will not only enhance Microsoft’s infrastructure but also strengthen its partnerships with small and medium-sized enterprises (SMEs) in Switzerland. This initiative includes plans to expand training programs aimed at improving AI and digital skills among local talent. As organizations increasingly adopt advanced technologies, the demand for skilled professionals in areas such as single sign-on (SSO), multi-factor authentication (MFA), and secure user management is rising.

Microsoft's investment underscores the importance of secure authentication solutions in the rapidly evolving tech landscape. Companies like SSOJet offer API-first platforms that feature directory synchronization, SAML, OIDC, and magic link authentication, making it easier for enterprises to implement secure SSO and manage user access effectively. Such tools are essential for organizations looking to secure their data while enabling seamless access for users.

The expansion of Microsoft’s data centers will also support existing and new customers, particularly in sectors requiring stringent data security measures. By enhancing its infrastructure, Microsoft aims to meet the needs of businesses looking for reliable cloud services that comply with local regulations.

Market Position and Future Outlook

Microsoft's multi-faceted approach in Switzerland highlights its commitment to maintaining a strong market position in the face of increasing competition. The firm has seen significant growth, with shares reportedly declining by $2.74 or 0.60% to $457.62 during premarket trading on Monday. Despite this, Microsoft has experienced an impressive 18.50% growth over the past three months and a 9.22% increase since the start of the year.

As the demand for secure cloud solutions continues to rise, companies that provide robust authentication and identity management solutions—like SSOJet—are poised to benefit from this trend. Organizations looking to enhance their security posture must consider implementing advanced solutions such as SSO, MFA, and passkey technologies to mitigate the risk of data breaches and ensure compliance with industry standards.

For businesses exploring options to secure their user management and authentication processes, SSOJet offers tailored solutions that enable enterprises to implement secure SSO and user management effectively. The platform's integration capabilities with existing systems can streamline operations while enhancing security.

Explore our services or contact SSOJet at https://ssojet.com to discover how we can help your organization enhance its authentication strategies.

Microsoft Open Sources GitHub Copilot: A New Era for AI Coding

Abhishek Dave — Mon, 02 Jun 2025 11:14:13 +0000

Originally published at ssojet

At the Build 2025 conference, Microsoft announced plans to open source the GitHub Copilot Chat extension under the MIT license. This code will be integrated into the main VS Code codebase. This move could reshape the market for AI code editors, especially against proprietary tools.

Microsoft cited advancements in large language models as a reason for this decision, highlighting the diminished value of secret prompting strategies. OpenAI's Anthropic has been releasing system prompts for its Claude models, and community-led transparency efforts have increased the need for open-source solutions. The company also noted challenges surrounding copyright and patent protection for AI prompts.

This initiative responds to requests from extension authors for better integration with VS Code. The Copilot Chat extension utilized Proposed APIs, which regular extension authors could not access for publishing extensions on the Visual Studio Code Marketplace. By moving the Copilot Chat extension to an MIT license, Microsoft aims to level the playing field for developers and restrict forks with limited resources.

Microsoft's decision also focuses on increased transparency regarding data collection and enhanced community-driven security. This transformation is poised to position VS Code as an "AI-native editor."

VS Code: Open Source AI Editor

The goal of making VS Code an open-source AI editor is part of Microsoft’s commitment to open collaboration and community input. By open-sourcing the GitHub Copilot Chat extension under the MIT license, Microsoft aims to enhance the foundation for AI-powered coding tools.

The motivations for this move include:

The evolution of large language models reducing the need for proprietary prompting.
The emergence of effective UX treatments for AI interactions, fostering community innovation.
A demand for transparency in data collection practices.
The increased targeting of developer tools by malicious actors, necessitating community engagement for security.

In the coming weeks, Microsoft plans to refactor AI features from the extension into the VS Code core. This shift seeks to streamline contributions to AI features and improve the testing of these models.

Follow along on the iteration plan for updates and our FAQ for community questions.

Microsoft Turns GitHub Copilot Into Full AI Coding Agent

Microsoft announced a significant upgrade to GitHub Copilot, transforming it into a fully autonomous AI coding agent. This new version supports a method called "vibe coding," allowing developers to describe their ideas in plain text, which the AI then converts into code.

This major change was unveiled at Build 2025 and aims to enhance developer productivity by automating entire coding tasks. The AI agent operates in a secure environment, submitting updates through draft pull requests to maintain transparency.

Microsoft's previous collaborations with OpenAI have seen explosive growth in GitHub Copilot, and this evolution reflects a broader industry trend towards automation in coding.

Copilot Goes Open-Source: Microsoft Embraces Open Source AI

In a surprising shift, Microsoft has decided to open-source GitHub Copilot, making it officially free to use under the MIT license. This decision opens the door for developers to fork, modify, and even create competing products based on Copilot's codebase.

This announcement comes amidst a rapidly evolving AI landscape, where tools like Cursor and Windsurf have gained significant traction. Microsoft's strategy appears to be a response to the increasing popularity of open-source AI solutions and the need for community collaboration to improve tools and fix security vulnerabilities.

While Copilot is now open source, the paid service model remains in place to cover the costs associated with cloud computing for generating code. This dual model aims to foster innovation while ensuring sustainability.

Implement Secure Authentication with SSOJet

For organizations navigating the complexities of AI development and integration, securing access and managing user identities is paramount. SSOJet offers an API-first solution that features Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Passkey support.

With SSOJet, enterprises can implement secure SSO and user management with seamless directory sync, SAML, and OIDC support. This ensures that your development teams can focus on building innovative solutions while we handle secure authentication.

Explore our services at SSOJet or contact us to learn how we can enhance your authentication processes today.

New Tools and Initiatives in Data Breach Monitoring and Healthcare AI

Abhishek Dave — Mon, 02 Jun 2025 11:12:56 +0000

Originally published at ssojet

Have I Been Pwned (HIBP) has launched version 2.0, featuring a significant front-end redesign aimed at improving data breach visibility. Security expert Troy Hunt emphasizes that this update addresses user needs for a more approachable and user-friendly platform. The new dashboard consolidates monitored email addresses and domain results, providing persistent visibility into breach activity without repeated searches.

Image courtesy of troyhunt.com

The redesigned Search page offers faster response times and a cleaner layout. New features include improved enterprise workflows and automation to support family account enrollment. As noted by Hunt, the platform also prepares for future capabilities like passkey support, aligning with emerging security trends.

Image courtesy of troyhunt.com

Hunt discusses the rationale behind removing less frequently used features, such as username and phone number search support, to streamline the user experience. HIBP's ongoing priority is enhancing automation and visibility for both individuals and organizations, particularly those managing large user sets.

For more on the HIBP updates, visit troyhunt.com and learn about the importance of strong breach disclosure norms in the industry.

OpenAI Releases HealthBench Dataset to Test AI in Health Care

OpenAI has introduced the HealthBench dataset, which includes 5,000 realistic health conversations designed to test AI models' performance in healthcare settings. This initiative involves collaboration with 262 doctors from 60 countries, ensuring the dataset's reliability and relevance.

Image courtesy of HitConsultant

The dataset aims to facilitate fair comparisons between AI models. Karan Singhal, head of OpenAI's health AI team, stated, "Our mission as OpenAI is to ensure AGI is beneficial to humanity." The dataset includes a special group of 1,000 challenging examples to help improve model performance.

However, experts raised concerns about the transparency of OpenAI's grading process, especially in critical healthcare contexts. Girish Nadkarni pointed out the need for more comprehensive reviews to ensure that AI models are effective across different demographics and geographies.

For insights on the HealthBench dataset and its implications for healthcare AI, check STAT News and OpenAI.

HHS, NIH Unveil Vaccine Initiative to Protect Against Future Pandemics

The U.S. Department of Health and Human Services (HHS) and the National Institutes of Health (NIH) announced the "Generation Gold Standard" initiative. This aims to develop next-generation, universal vaccines using a beta-propiolactone (BPL)-inactivated, whole-virus platform.

The initiative will fund the in-house development of universal influenza and coronavirus vaccines, including BPL-1357 and BPL-24910. According to the NIH, these vaccines target multiple strains of pandemic-prone viruses while inducing robust immune responses.

Clinical trials for these universal vaccines are expected to begin in 2026, with FDA approval anticipated by 2029. HHS has allocated $500 million to the Generation Gold Standard initiative, emphasizing the need for innovative approaches to vaccine development.

For details on the vaccine initiative, see the NIH press release here.

Japan to Get First Generative AI Healthcare Agent via Hippocratic AI & EUCALIA Team-Up

Hippocratic AI has partnered with EUCALIA to launch Japan's first generative AI healthcare agent for non-diagnostic, patient-facing tasks. This partnership aims to enhance patient access and reduce clinician workload amid rising healthcare demand.

The AI agent will manage responsibilities such as appointment scheduling and medication adherence support. Built on Hippocratic AI’s Polaris Constellation System, it has achieved a clinical accuracy rate of 99.38% and has powered over 1.85 million patient interactions in the U.S.

Munjal Shah, CEO of Hippocratic AI, emphasizes the commitment to create culturally competent solutions that improve patient outcomes and clinical operations. The collaboration marks a significant advancement in healthcare technology for Japan.

For more information on Hippocratic AI's initiatives, visit Hippocratic AI.

New COVID-19 variant NB.1.8.1 'pretty much everywhere' in Australia

The World Health Organization has classified the NB.1.8.1 COVID-19 variant as a "variant under monitoring," indicating its prevalence in Australia. Experts urge vaccination as the new strain gains traction, with predictions that it may overtake other variants.

Image courtesy of ABC News

Griffith University virologist Associate Professor Lara Herrero notes that while existing vaccines remain effective, vaccination rates have dropped to critical levels among children and teens. Health Minister Mark Butler emphasizes the importance of booster shots, particularly for older Australians.

As respiratory infections rise, experts warn of a challenging winter ahead. The emergence of the NB.1.8.1 variant is expected to influence case numbers, highlighting the need for continued vigilance and vaccination efforts.

For more on the COVID-19 situation in Australia, see ABC News.

For organizations seeking secure authentication solutions, explore SSOJet's API-first platform for implementing secure single sign-on (SSO) and user management. Our services include directory synchronization, SAML, OIDC, and magic link authentication tailored for enterprise clients. Visit ssojet.com to learn more and contact us for your authentication needs.

Azure AI Search Introduces Agentic Retrieval for Enhanced Relevance

Abhishek Dave — Mon, 02 Jun 2025 11:11:57 +0000

Originally published at ssojet

Microsoft's Azure AI Search has introduced agentic retrieval, a query engine that autonomously manages retrieval strategies for complex questions. This system enhances answer relevance in conversational AI by up to 40% compared to traditional approaches. It utilizes conversation history and Azure OpenAI to decompose queries into focused subqueries, which are executed in parallel across text and vector embeddings.

This functionality is available programmatically through a new Knowledge Agents object in the 2025-05-01-preview data plane REST API and Azure SDK prerelease packages. It builds on Azure AI Search's existing index with a dedicated "Agent" resource linked to Azure OpenAI and a retrieval engine managing the entire process.

The agentic retrieval process consists of several stages. First, a large language model (LLM) analyzes the complete chat thread to extract core information. It then plans a retrieval strategy that integrates both chat history and the original query. Each subquery runs concurrently, employing both keyword and semantic search capabilities of Azure AI Search.

Matthew Gotteiner, during a Microsoft Build session, noted, "The overall speed of agentic retrieval is directly related to the number of subqueries generated." This means that while parallel execution aims to speed up results, more complex queries requiring numerous subqueries may take longer. A simpler query planner that generates fewer, broader subqueries could return results faster than one that creates many highly focused subqueries.

The results from these queries are reranked by the platform's semantic ranker into a unified grounding payload, which includes top hits and structured metadata. The API also provides a detailed activity log of the retrieval process.

/filters:no_upscale()/news/2025/05/azure-ai-search-agent-retrieval/en/resources/1AR_pipeline_Build25%20(1)-1748518400038.png)
Akshay Kokane, a Software Engineer at Microsoft, highlighted the evolution of traditional retrieval-augmented generation (RAG) systems in a Medium blog post, stating, "Agentic RAG (ARAG) addresses this gap by introducing dynamic reasoning, intelligent tool selection, and iterative refinement."

The public preview of agentic retrieval is currently available in select regions. Pricing includes per-token billing for Azure OpenAI's query planning and Azure AI Search's semantic ranking, both free during the initial preview. Additional resources such as documentation, a cookbook, and integration guidance are available for developers.

Microsoft’s Future Vision for AI Agents

Microsoft envisions a future where artificial intelligence (AI) agents from different companies can collaborate effectively. During the Build conference, Kevin Scott, Microsoft's chief technology officer, discussed the need for cross-company standards to enable this collaboration. Microsoft supports the Model Context Protocol (MCP), an open-source protocol aimed at creating an "agentic web" similar to early internet protocols.

Scott stated, "It means that your imagination gets to drive what the agentic web becomes, not just a handful of companies." This vision emphasizes the importance of better memory capabilities for AI agents, which is essential for improving user interactions. Microsoft is focusing on structured retrieval augmentation, where agents pull essential snippets from conversations to create a roadmap of discussions.

Scott explained that enhancing an AI agent's memory is costly as it demands more computing power. This approach is crucial for moving beyond transactional interactions, allowing AI agents to respond more contextually to user needs.

To build secure and efficient interactions, integrating with platforms that provide features like SSO, MFA, and directory synchronization is essential. Companies looking to implement secure single sign-on (SSO) and user management can benefit from SSOJet, which offers an API-first platform featuring directory sync, SAML, OIDC, and magic link authentication.

Explore how SSOJet can enhance your authentication processes and drive productivity in your organization.

New Relic Enhances Software Reliability with GitHub Copilot Integration

Abhishek Dave — Sat, 31 May 2025 13:39:27 +0000

Originally published at ssojet

New Relic Integration with GitHub Copilot Coding Agent

New Relic has introduced an integration with GitHub Copilot's Coding Agent, enhancing software reliability and developer productivity. This integration allows development and operations teams to achieve faster incident response times through proactive monitoring and automated issue creation. The integration is designed to establish a continuous feedback loop, enabling intelligent agents to ensure application health.

The GitHub Copilot Coding Agent acts as an AI-driven partner, assisting developers in writing and implementing code. This feature leverages agentic AI, which enables the AI to operate independently, reducing the need for human oversight. New Relic's Chief Product Officer, Manav Khurana, expressed that "Agentic AI is poised to be a transformative technology for enterprise software developers," highlighting the pressure to deliver innovations quickly without sacrificing quality.

Upon detecting performance issues in generated code, New Relic automatically creates comprehensive GitHub issues, providing all necessary context for developers. This allows them to efficiently resolve problems and facilitates a more streamlined workflow. The integration aims to minimize the time spent on troubleshooting and maintenance, allowing developers to focus on building new features.

For more details, visit New Relic and SiliconANGLE.

Features and Benefits of the Integration

The integration offers several key benefits:

Reduced Resolution Times: Automates issue detection and validation, leading to quicker resolutions.
Enhanced Developer Productivity: Developers can concentrate on high-impact innovations instead of manual troubleshooting.
Increased System Reliability: The solution addresses performance disruptions proactively, ensuring a seamless user experience.
Accelerated Innovation: Automation facilitates faster deployment cycles.

The seamless collaboration between New Relic's observability technology and GitHub Copilot's coding agent allows for efficient tracking and resolution of code-related issues. Developers can assign issues to the Copilot, which will draft fixes and generate pull requests for review.

Learn more about these benefits at New Relic and DevOps.com.

Intelligent Observability and Automation

New Relic's integration exemplifies intelligent observability by automating the lifecycle of issue detection and resolution. This process begins with continuous monitoring of application health through telemetry, linking app data to GitHub Actions. If a performance issue is detected, the New Relic agent gathers pertinent telemetry and generates a GitHub issue with all relevant insights.

Furthermore, developers can leverage the coding agent to generate code fixes automatically. This autonomous capability minimizes manual intervention, thereby reducing the risk of human error and expediting the resolution process.

To explore more on intelligent observability, visit New Relic and check out GitHub's documentation.

Continuous Integration and Deployment

New Relic emphasizes the importance of continuous integration (CI) to enhance developer efficiency. By automating release processes with GitHub Actions, teams can ensure timely updates and security patches. The Kubernetes agent team at New Relic has successfully reduced release times by 99% with automated workflows, significantly enhancing their deployment efficiency.

Additionally, automated security scanning tools like CodeQL and Trivy keep the codebase secure by identifying vulnerabilities in real time, allowing for prompt remediation and a more robust application lifecycle.

For further insights into CI and deployment strategies, visit New Relic's Kubernetes integration and DevOps.com.

Secure Authentication Solutions

In conjunction with robust development and integration processes, SSOJet offers secure single sign-on (SSO), multi-factor authentication (MFA), and passwordless options. SSOJet's API-first platform features directory sync, SAML, OIDC, and magic link authentication, ensuring secure user management for enterprise clients.

As organizations adopt more automated and intelligent solutions, the need for secure authentication becomes paramount. SSOJet's offerings help organizations implement secure, efficient, and user-friendly authentication methods to protect sensitive data.

Explore SSOJet’s services at https://ssojet.com and discover how you can enhance your authentication processes today.