Richard and David are back together this week, and David has been saving things up. The episode starts with a practical conversation about how both hosts actually manage content discovery, which turns into an honest account of what Richard's Knowledge Hub app does and where it still falls short.

David's segment covers a lot of ground but lands in a consistent place. The MCP release candidate gets the most technical treatment, including a walkthrough of what stateless protocol core actually means in architectural terms and why the previous session-pinning behaviour was a genuine infrastructure problem. He follows that with Azure Container Apps Express, positioned as an agent-first runtime that addresses a real friction point in large organisations, and the AI Red Teaming Agent in Microsoft Foundry, which David uses as a way into one of the more important security concepts for agentic systems: indirect prompt injection. The ZoomIt segment wraps it all together, partly because Mark Russinovich's demo went spectacularly wrong on camera and they kept it all in, and partly because David uses it to pull a connecting thread through everything he covered.

Richard's soapbox landed mid-conversation, prompted by a Microsoft podcast he'd been listening to that week. The argument: the AI adoption conversation is presenting as fresh insight something that was said word for word about Microsoft 365 in 2017. Same language, same frameworks, same metrics. Richard also covers the Copilot Credit Pre-Purchase Plan, which he discovered the night before recording, including the commercial architecture behind it and the ACD stacking question that the documentation does not answer.

The episode closes with computer-using agents going generally available in Copilot Studio, a brief cross-industry tour including Google's shutdown of Project Mariner, the Perplexity/Amazon court case, and what to expect from Build 2026.

• MCP 2026-07-28 Release Candidate
• Azure Container Apps Express (Microsoft Learn)
• AI Red Teaming Agent in Azure AI Foundry
• Microsoft 2026 Work Trend Index
• Windows 365 and Azure Virtual Desktop expanding access
• Modern Azure Resilience with Mark Russinovich
• EventLogExpert on GitHub
• ZoomIt (Sysinternals)
• Mark and Scott Learn
• Microsoft Copilot Credit Pre-Purchase Plan
• Microsoft Agent Factory
• Copilot Studio computer-using agents GA
• Microsoft Build 2026

• X/Twitter
• Bluesky
• LinkedIn
• Facebook
• Threads

Null Invocation, Monochrome Pulse

David is away this week, so it is just Richard and Cyrus. The episode ended up covering more ground than planned, and a couple of conversations went in directions that were not on the outline and were probably better for it.

Richard opens with harness engineering, the concept he thinks explains why AI agent projects look so good in the demo and fall apart in production, then moves on to Agent 365 going generally available and what it does and does not actually provide. Cyrus has a segment on Defender antivirus and Intune that reframes a question most security teams are asking in a way that is, in Richard's view, considerably more useful. And there is an unplanned conversation about vibe coding and SonarCloud that produced a finding neither of them had expected.

• Harness Engineering (Red Hat Developer, April 2026)
• Microsoft Agent 365 GA
• Microsoft 365 E7 and Agent 365 GA
• Copilot Flex Routing (Microsoft Learn)
• IBM Bob GA (IBM Newsroom, April 2026)
• IBM Bob product page

• X/Twitter
• Bluesky
• LinkedIn
• Facebook
• Threads

• Null Invocation, Monochrome Pulse

**THANKS FOR EVERYONE WHO NOTICED THE AUDIO GLITCH. THIS HAS NOW BEEN RESOLVED**

This week, David pulls a thread across six seemingly unrelated Microsoft GitHub repos and lands on a question the industry keeps skipping: whether the systems we're asking AI to reason about are actually readable enough for that reasoning to mean anything. It's a more durable framing than the usual "what can AI do for you" conversation, and it connects to everything from security posture to delivery backlogs to architectural fragility.

Cyrus covers a run of Microsoft security and identity updates. Entra license usage insights hitting GA, cross-tenant security group sync, Global Secure Access B2B support for AVD and Windows 365, macOS recovery lock, Defender promotional email handling, new advanced hunting tables, incident graph filtering, and Sentinel repositories reaching GA. He also highlights Chrome's rollout of device-bound session credentials, a hardware-backed fix to browser token theft that has been trivially exploitable for over a decade.

Richard covers a Microsoft Research paper on red teaming networks of AI agents. Over a hundred autonomous agents interacting through forums and messages, and four failure modes that only emerge when agents interact at scale: propagation, amplification, trust capture, and proxy chain invisibility. The researchers also observed emergent defences, with a small number of agents spontaneously developing security-conscious behaviour.

The episode closes with GitHub's shift from premium request units to token-based AI credits from June, and a shared comparison of what happens when agentic coding tools decide to ignore you.