Overview

• Microsoft confirmed that China-based engineering teams no longer support Department of Defense government cloud services.
• Senator Tom Cotton formally requested details from the Pentagon on the scope of unauthorized access by China-based engineers.
• A ProPublica exposé revealed that Microsoft failed to notify the Defense Department before allowing foreign nationals to work on critical military software.
• Security analysts warn that Microsoft’s recent string of critical vulnerabilities and its cloud-first strategy amplify risks without zero-trust security frameworks.
• Lawmakers are pushing for stricter federal contracting rules, independent audits and investment in domestic cybersecurity talent to bolster digital sovereignty.