An anonymous reader quotes a report from Reuters: The Gates Foundation opened an external review earlier this year into its engagement with the late financier and convicted sex offender Jeffrey Epstein, the philanthropic group said on Tuesday. The foundation has been mired in controversy due to Chairman Bill Gates' association with Epstein. A release of emails in January by the U.S. Justice Department also showed communication between Epstein and the Gates Foundation's staff. "Early this year, Gates Foundation CEO Mark Suzman commissioned an external review to assess past foundation engagement with Epstein, and our current policies for vetting and developing new philanthropic partnerships," the foundation said in a statement. "That review is underway, and we expect the board and management will receive an update this summer," it added. The Wall Street Journal, which first reported the news earlier on Tuesday, said Suzman told staff in a memo, "this is a challenging time for our organization in many ways, but it also highlights the critical importance of taking the tough actions now." The WSJ also reports that the Gates Foundation will eliminate up to 500 jobs, or about 20% of its staff, by 2030. It said the foundation has a 2026 budget of about $9 billion, but plans to cap operating expenses at $1.25 billion. Further reading: The Bill Gates-Epstein Bombshell - and What Most People Get Wrong

Read more of this story at Slashdot.

Microsoft has started teasing a new Discord and Xbox Game Pass partnership, just a day after lowering prices of its Game Pass Ultimate and PC Game Pass subscriptions. Microsoft Gaming CEO Asha Sharma says the company is partnering with Discord again "as we continue to make Game Pass more flexible for our players."

It's not immediately clear what the latest Discord and Xbox partnership will result in, but given it's a Game Pass one it's likely related to some perks for subscribers of Xbox Game Pass. At the moment Game Pass Ultimate subscribers can get a month of Discord Nitro as part of the subscription, and it's possible that Microsoft and …

Read the full story at The Verge.

Microsoft first revealed it was building an Xbox mobile gaming store to take on Apple and Google all the way back in 2022. Former Xbox president Sarah Bond even went on stage at a Bloomberg event nearly two years ago and promised the store would launch in July, 2024. Now, it looks like Microsoft has put the project on hold.

Better xCloud developer redphx noticed that the store URL Microsoft had been testing for the past couple of years no longer works. It's not clear exactly when it disappeared, but the last time the website was updated was nearly a year ago.

The store was originally supposed to compete with Google and Apple, but strict ap …

Read the full story at The Verge.

We’re announcing the general availability of Gemini Embedding 2 via the Gemini API and Vertex AI.

We are at an inflection point in cybersecurity.

Recent advances in AI model capabilities are changing how vulnerabilities are discovered and exploited. AI models can autonomously discover weaknesses, chain multiple lower-severity issues into working end-to-end exploits, and produce working proof-of-concept code. This significantly compresses the window between vulnerability discovery and exploitation.

These changes require organizations to rethink exposure, response, and risk. However, the same capabilities that can give attackers an advantage also create a unique opportunity for defenders. When applied correctly, they can accelerate vulnerability discovery, improve detection engineering, and reduce time to mitigation. We look forward to working together as an industry to use these AI model capabilities as part of enterprise-grade solutions to tilt the balance in favor of defenders.

Partnering with leading model providers

Security has been and remains the top priority at Microsoft. Over the last two years, through our Secure Future Initiative (SFI), we have strengthened our security foundations for this age of AI, in part by using AI to accelerate vulnerability discovery and remediation and help defend against threats. We have also invested in fundamental AI for security research, including the development of open-source industry benchmarks that can be used to evaluate whether models are ready for real-world security work.

As we move forward, we are accelerating this work and partnering with the industry to use leading models, paired with our platforms and expertise, to turn AI-driven discovery into protection at scale.

Through Project Glasswing, Microsoft is working closely with Anthropic and industry partners to test Claude Mythos Preview, identify and mitigate vulnerabilities earlier, and coordinate defensive response. We evaluated Mythos using CTI-REALM, our open-source benchmark for real-world detection engineering tasks, and the results showed substantial improvements relative to prior models.

Microsoft is also evaluating other models. As part of our overall security approach, we continuously evaluate models from multiple providers as they are made available and integrate them into our enterprise-grade security platform. This multi-model approach is intentional as no single model defines our strategy.

Taking action in three fundamental areas

Defenders need to move faster to keep pace with AI-driven threats. We are focusing on three areas to help customers reduce risk and improve resilience.

1. AI-led vulnerability discovery and mitigations to stay current on software

We plan to incorporate advanced AI models, like Claude Mythos Preview, directly into our Security Development Lifecycle (SDL) to identify vulnerabilities and develop mitigations and updates. This allows us to discover more issues more quickly across a broader surface area than previous methods and address them earlier in the lifecycle.

AI-assisted discoveries are handled through our existing Microsoft Security Response Center (MSRC) processes, including Update Tuesday—our predictable and systematic way of distributing updates to customers—and out-of-band updates, where appropriate. Customers using Microsoft platform as a service (PaaS) and software as a service (SaaS) cloud services do not need to take any action; mitigations and updates are applied automatically. For customers who deploy Microsoft products on their own infrastructure, whether on-premises or self-hosted, staying current on all security updates is now not only the best practice; it is a fundamental requirement for staying secure against AI exposure.

We will deploy detections to Microsoft Defender, our threat protection solution, when updates are released and share details through the Microsoft Active Protections Program (MAPP) partners to help mitigate risk. We are also using advanced AI models to proactively scan select open-source codebases. Identified issues will be addressed through coordinated vulnerability disclosure.

2. AI-ready posture to reduce exposure

Patching, while critical, is not sufficient on its own. We have identified the five dimensions where autonomous AI driven attacks gain disproportionate advantage—patching, open-source software, customer source code, internet-facing assets, and baseline security hygiene.

For each dimension, Microsoft Security Exposure Management provides guidance and capabilities that customers can use to:

• Assess their current state.
• Understand prioritized actions to reduce risk.
• Evaluate “what-if” scenarios before making changes.
• Apply automation to remediate issues at scale.

These capabilities include tools like Microsoft Defender External Attack Surface Management (EASM) for continuous discovery of internet-facing assets, GitHub Advanced Security with CodeQL, Copilot Autofix for open-source and first-party code, and Microsoft Baseline Security Mode (BSM) to apply foundational controls across Exchange, Microsoft Teams, SharePoint, OneDrive, Office, and Microsoft Entra—with impact simulation before enforcement.

Others in the industry have shared guidance and rightly emphasized the importance of continuous asset discovery and posture management. We are delivering an integrated experience through a new Microsoft Security Exposure Management blade—Secure Now—that combines guidance with the ability to act, so customers proactively reduce their exposure. Secure Now is available today at https://security.microsoft.com/securenow

3. AI-powered solutions to defend at scale

Beyond plans to use advanced AI models directly into our Security Development Lifecycle (SDL), we are separately building new solutions to help customers leverage advanced AI models to improve their security at enterprise scale.

• Rapidly deployed Defender detections developed for AI-discovered vulnerabilities, sim-shipping with corresponding updates to help mitigate risk immediately.
• We have learned through our own testing that model capability to discover potential vulnerabilities is only the beginning. Organizations must also be able to use AI to validate and prioritize based on exploitability and impact, and build the fix. To help we plan to productize a new multi-model AI-driven scanning harness developed internally and make it available to customers to streamline their experience and deliver outcomes more quickly. This solution is expected to be available in preview in June 2026.

Our goal is to ensure findings are actionable. While models are powerful on their own, without prioritization and context, large volumes of results can overwhelm development teams. These new solutions are designed to pair model output with the context and security solutions needed for enterprises to drive security effectiveness at scale.

Get started today

Customers can get started now by reviewing the guidance at https://security.microsoft.com/securenow. Any customer with a Microsoft Entra ID will be able to access the guidance. In addition, Microsoft Security customers will have access to capabilities that enable them to assess their exposure and take action.

We have also mobilized our Customer Success organization to support customers in implementing this guidance.

What’s ahead

This work is ongoing. We will continue to share updates as testing progresses, new models emerge, and new guidance and solutions become available. The threat landscape will continue to evolve, but so will our defenses—and we are committed to ensuring that our customers have the tools, guidance, and partnership they need to stay ahead.

Security is a team sport. The organizations that act on this shift—by staying current on patches, reducing exposure, and leveraging AI-powered security solutions—will be significantly harder to compromise than those that do not. The time to act is now and we look forward to partnering with the industry to build a safer world for all.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post AI-powered defense for an AI-accelerated threat landscape appeared first on Microsoft Security Blog.

There are two ways to enhance Markdown in an Astro project:

1. Through MDX
2. Through a Markdown Component

This article focuses on the Markdown Component.

Why Use a Markdown Component

I use a Markdown Component for two main reasons:

1. It reduces the amount of markup I need to write.
2. It converts typographic symbols like ' to opening or closing quotes (' or ').

So, I can skip several HTML tags — like <p>, <strong>, <em>, <ul>, <ol>, <li>, and <a>. I can also skip heading tags if I don’t need to add classes to them.

<div class="card">
  <!-- prettier-ignore -->
  <Markdown>
    ## Card Title
    This is a paragraph with **strong** and *italic* text.
    This is the second paragraph with a [link](https://link-somewhere.com)

    - List
    - Of
    - Items
  </Markdown>
</div>

Notice the prettier-ignore comment? It tells prettier not to format the contents within the <Markdown> block so Prettier won’t mess up my Markdown content.

The HTML output will be as follows:

<div class="card">
  <h2> Card Title </h2>
  <p>This is a paragraph with <strong>strong</strong> and <em>italic</em> text.</p>
  <p>This is the second paragraph with a <a href="https://link-somewhere.com">link</a></p>

  <ul>
    <li> List </li>
    <li> Of </li>
    <li> Items </li>
  </ul>
</div>

Installing the Markdown Component

Fun Fact: Astro came with a <Markdown> component in its early release, but this <Markdown> component was migrated to a separate plugin in Version 1, and completely removed in version 3.

I was upset about it. But I decided to build a Markdown component for myself since I liked using one. You can the documentation here.

Using the Markdown component is simple: Just import and use it in the way I showed you above.

---
import { Markdown } from '@splendidlabz/astro'
---

<Markdown>
  ...
</Markdown>

Respects Indentation Automatically

You can write your Markdown naturally, as if you’re writing content normally. This Markdown component detects the indentation and outputs the correct values (without wrapping them in <pre> and <code> tags).

<div>
  <div>
    <!-- prettier-ignore -->
    <Markdown>
      This is a paragraph

      This is a second paragraph
    </Markdown>
  </div>
</div>

Here’s the output:

<div>
  <div>
    <p>This is a paragraph</p>
    <p>This is a second paragraph</p>
  </div>
</div>

Inline Option

There’s an inline option that tells the <Markdown> component not to generate paragraph tags.

<h2 class="max-w-[12em]">
  <Markdown inline> Ain't this cool? </Markdown>
</h2>

Here’s the output:

<h2 class="max-w-[12em]">
  Ain't this cool?
</h2>

Gotchas and Caveats

Prettier messes up the <!-- prettier-ignore --> block if you have unicode characters like emojis and em dashes anywhere before the block.

Here’s the original code:

<!-- prettier-ignore -->
<Markdown>
  Markdown block that contains Unicode characters 🤗
</Markdown>

<!-- prettier-ignore -->
<Markdown>
  Second Markdown block.
</Markdown>

Here’s what it looks like after saving:

<!-- prettier-ignore -->
<Markdown>
  Markdown block that contains unicode characters 🤗
</Markdown>

<!-- prettier-ignore -->
<Markdown>
  Second Markdown block.
</Markdown>

Unfortunately, we can’t do much about emojis because the issue stems from Prettier’s formatter.

But, we can use en and em dashes by writing -- and ---, respectively.

Content Workaround

You can prevent Prettier from breaking all those <!-- prettier-ignore --> comments by not using them!

To do this, you just put your content inside a content property. No need to worry about whitespace as well — that’s taken care of for you.

<Markdown content=`
  This is a paragraph

  This is another paragraph
`/>

Personally, I think it doesn’t look at nice as slot version above…

But it lets you use markdown directly with any JS or json content you load!

---
const content = `
  This is a paragraph

  This is another paragraph
`
---

<Markdown {content} />

Taking it Further

I’ve been building with Astro for 3+ years, and I kept running into the same friction points on content-heavy sites: blog pages, tag pages, pagination, and folder structures that get messy over time.

So I built Practical Astro: Content Systems — 7 ready-to-use solutions for Astro content workflows (MDX is just one of them). You get both the code and the thinking behind it.

If you want a cleaner, calmer content workflow, check it out.

I also write about Astro Patterns and Using Tailwind + CSS together on my blog. Come by and say hi!

---

Enhancing Astro With a Markdown Component originally handwritten and published with love on CSS-Tricks. You should really get the newsletter as well.