This week in Microsoft AI

Microsoft’s key publish in the window focused on ransomware, not Copilot.

In the 2026-04-06 to 2026-04-12 window, the only credible Microsoft-linked item found was a Microsoft Threat Intelligence write-up on Storm-1175 and Medusa ransomware operations. The available notes did not contain verifiable Copilot or Microsoft AI product announcements within the week, so this digest includes only the security item that meets the date and source requirements.

Storm-1175 targets vulnerable web-facing assets in Medusa ops

Microsoft Threat Intelligence reported Storm-1175 activity that focuses on exploiting vulnerable internet-facing assets in high-tempo Medusa ransomware operations.

Use this report to validate your vulnerability-management priorities against active ransomware tradecraft that targets exposed services.
Review inventory and ownership of internet-facing assets (including shadow IT) to reduce the exploit surface that ransomware crews seek.
Map the described techniques to your Microsoft security stack detections and incident playbooks to confirm coverage and response readiness.

Source — Microsoft Security Blog SecurityThreat intelligence