Marco Gerber | Microsoft MVP

ASCII Smuggling: A Threat Hidden in Plain Sight - marcogerber.ch Discover how ASCII smuggling uses invisible Unicode characters to bypass AI filters and manipulate LLM responses.

👻 What you see isn't always what your AI sees.

I briefly talked about ASCII smuggling at last year's Swiss Microsoft Security Summit. Since then, I've noticed this topic rarely comes up, so I decided to dig deeper and share what I learned.

👉 marcogerber.ch/ascii-smuggl...

AI-enabled Hear The World device describes its surroundings - Raspberry Pi A keen photographer’s aid for visually impaired users gets Raspberry Pi Zero 2 W to describe what the camera sees.

There's also an official blog post on the Raspberry Pi website: www.raspberrypi.com/news/ai-enab...

Issue 159 — Raspberry Pi Official Magazine Does your project need a microcontroller, a full-fat computer with all the processing power and connectivity that entails, or a small, low-power computer that’s incredibly affordable and yet can still...

I’m beyond honored that my project "Hear the World using Azure OpenAI and a Raspberry Pi" was featured in the official @raspberrypi.com magazine! 🎉

If you're interested, feel free to grab a physical copy or the free PDF edition from the Raspberry Pi website: magazine.raspberrypi.com/issues/159

Bicep Local Deploy - Deploy anything using Azure Bicep - marcogerber.ch Discover Bicep Local Deploy, an experimental feature that enables custom extensions to run locally - taking Bicep beyond Azure.

What if Bicep could do more than deploy to Azure? 🦾

With Bicep Local Deploy, you can extend Bicep much like Terraform providers - from automating deployments to managing on-prem or SaaS.

Learn more about how to use it, and what’s happening behind the scenes. 🔗

Announcing comprehensive sovereign solutions empowering European organizations - The Official Microsoft Blog Today, we are taking the next step in strengthening our European digital commitments to empower our customers with greater choice, more control over their data privacy and the most robust digital resi...

Coming: External Key Management to extend Azure Managed HSM 🔐

Bring your own keys from on-prem or trusted 3rd-party HSMs, no longer limited to Azure Key Vault/Managed HSM.

This will affect SLAs, since customers are responsible for their HSM and keys.

blogs.microsoft.com/blog/2025/06...

Microsoft Certified: Information Security Administrator Associate

Upload blocked by DLP - until it saw my new Information Security Administrator Associate certificate 🎉

learn.microsoft.com/api/credenti...

Connect to AKS Private Cluster Using Azure Bastion (Preview) - Azure Bastion Learn how to securely connect to Azure Kubernetes Service (AKS) private clusters using Azure Bastion's native client tunneling. Step-by-step guide with prerequisites and commands to establish secure a...

Azure Bastion integration with AKS is now in public preview. Use Azure CLI to open a tunnel to a private AKS cluster, which uses the Bastion host in the background. AKS clusters with public FQDN disabled aren't currently supported.

learn.microsoft.com/en-us/azure/...

RIP then 🥲

Bicep: The content for this response was already consumed - marcogerber.ch Troubleshooting the "The content for this response was already consumed" error in Azure Bicep deployments with Azure CLI.

I encountered a new error during Bicep deployments that worked fine until recently:

❗The content for this response was already consumed❗

Looks like it started with Azure CLI 2.73.0 - errors don’t show properly.

Read more details and solutions in my latest blog post: marcogerber.ch/the-content-...

Looks like there is an issue in the Azure portal where resources cannot be found. Related actions are failing as a result. I've observed this behavior across multiple tenants.

I've built a simple Streamlit chat app using the Azure AI Inference client for quick model testing, PoC's, and demos.

🧩 Features:
- Text & image input
- Model switcher
- System prompt presets
- Session-based chat history
- Console logging for debugging

Check it out: marcogerber.ch/streamlit-ch...

Prompt injection attacks on vision language models in oncology - Nature Communications Vision-language artificial intelligence models (VLMs) can be employed to recognize lesions in cancer images. Here, the authors show that VLMs can be misled by prompt injection attacks, producing harmf...

Very interesting article: Prompt injection attacks on vision language models in oncology

www.nature.com/articles/s41...

Defender for Cloud - Threat protection for AI workloads - marcogerber.ch Explore threat protection for AI Services in Defender for Cloud, including the new AI Services protection plan, concept, alerts, and more.

Defender for AI Services is now GA and available for all subscriptions! 🛡️

Learn more about its capabilities: marcogerber.ch/defender-for...

Public Preview: Azure virtual network terminal access point (TAP). Virtual network TAP (agentless) leverages Azure’s native infrastructure to mirror traffic with minimal overhead and zero performance impact on VMs.

azure.microsoft.com/en-us/update...

Finally! Easy service upgrade and change service tier in Azure AI Search (Public Preview).

Azure AI Search now lets you easily change service tiers between Basic, S1, S2, and S3 tiers or upgrade for more capacity and features - no rebuild or reindexing needed.

azure.microsoft.com/en-us/update...

Public Preview: Remote Model Context Protocol (MCP) support in Azure Functions.

Azure Functions now supports an early preview of triggers and bindings for building tools with remote MCP and server-sent events (SSE).

azure.microsoft.com/en-gb/update...

Today's learning 💡 Private Endpoints generate a /32 default route that automatically propagates within their vnet and peered vnets. In hub-spoke architectures, this can inadvertently bypass firewalls or an NVA. To mitigate this, take a look at 'Network Policies for Private Endpoints'.

Using 'extends' in Azure Bicep forces all parameters from the root file to be inherited and used. I suggested making this optional in a GitHub Issue - give it a thumbs up or +1 if you’d find that useful!👍

github.com/Azure/bicep/...

New season is crazy spot on as always! 😶‍🌫️

AZ CLI 2.71.x breaks bicep deployments when using Azure Devops Agent · Issue #31189 · Azure/azure-cli Describe the bug When performing a bicep operation using the az cli in an Azure Devops Pipeline that has been upgraded to AZ CLI 2.71.x we seem to run in to the following: FileNotFoundError: [Errno...

Current workaround: Run 'az config set bicep.use_binary_from_path=false' at the beginning of your Azure CLI task.

See github.com/Azure/azure-...

Az bicep lint throws NotFound Exception Error on Microsoft hosted build-agent (Azure Pipelines) when using AzCli tasks · Issue #31226 · Azure/azure-cli Describe the bug Running az bicep lint via the AzCLI task in ADO is failing with an error. This job was working fine until the last hour or so and just stopped working. ADO Logs: az bicep lint --fi...

There seems to be an issue with hosted agents on Azure DevOps Pipelines and GitHub Actions. An error occurs when using ubuntu-latest and the Azure CLI task to deploy Bicep files:

ERROR: [Errno 2] No such file or directory: '/home/vsts/work/_temp/.azclitask/bin/bicep'

github.com/Azure/azure-...

Microsoft Copilot in Azure is now generally available | Microsoft Community Hub Today, we are excited to announce General Availability (GA) of Copilot in Azure. We are also thrilled to share that the current capabilities of Copilot in...

Copilot in Azure is now generally available, with all current capabilities remaining free of charge.

techcommunity.microsoft.com/blog/azurein...

5 GitHub Actions every maintainer needs to know With these actions, you can keep your open source projects organized, minimize repetitive and manual tasks, and focus more on writing code.

Maintainers: Did you know you could spend less time doing repetitive tasks and more time coding? 💡

Maintainership will never be the same once you start using these GitHub Actions. ⬇️
github.blog/open-source/...

Nice one John! 👍🏼

Announcing the Responses API and Computer-Using Agent in Azure AI Foundry | Microsoft Azure Blog We’re excited to introduce two powerful innovations in Azure AI Foundry. Learn more.

A new Computer-Using Agent (CUA) is coming to the Azure AI Foundry. This allows you to automate UI driven workflows, like autonomous UI navigation. I wonder how this works in real life and whether this is the right approach for sustainable automation.

azure.microsoft.com/en-us/blog/a...

Arrived in Seattle after a great flight right over Greenland, what a view! Ready for my first MVP Summit, can‘t wait to meet everybody 👋🏻 😃

#MVPBuzz #MVPSummit @alschneiter.bsky.social

That's it! See you soon 👋

Retirement: Kubenet Networking for Azure Kubernetes Service to Be Retired on March 31, 2028. Upgrade to CNI overlay in time.

azure.microsoft.com/en-gb/update...

Export as Bicep is fully available today! 💪

Test it out yourself in the portal, instructions can be found here: learn.microsoft.com/en-us/azure/...

Dev Containers: Develop inside a container - marcogerber.ch Discover how Dev Containers in VS Code simplify development by providing consistent, containerized environments.

New blog post 📢 Learn more about Dev Containers and how to quickly spin up containerized, reproducible development environments, including a cheat sheet to get you started.

Check it out: marcogerber.ch/dev-c...