Microsoft faces exposure across two structurally distinct attack surfaces this week: M365 Direct Send SMTP relay abuse enabling internal domain spoofing that bypasses SPF, DKIM, and DMARC authentication checks, and a path traversal vulnerability (CVE-2026-25592) in Microsoft Semantic Kernel allowing unauthorized file access in AI agent deployments. Neither item has a simple patch-and-done resolution — Direct Send abuse is a configuration and architecture problem, while Semantic Kernel requires patching combined with AI agent permission scoping. Both items extend the attack surface into AI and productivity infrastructure that most security teams do not yet monitor.
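A detection-side illustration of the Direct Send item, as an added example that is not from the original brief or from Microsoft: the Python code below flags messages whose From address claims one of the organization's own domains while the recorded authentication results lack a DMARC pass. It assumes the receiving service records SPF, DKIM and DMARC verdicts in an Authentication-Results header and that the topmost copy is the trustworthy one; `example.com`, the sample messages and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Matches method=result pairs such as "spf=fail" or "dmarc=pass".
RESULT_RE = re.compile(r"\b(spf|dkim|dmarc)=([a-z]+)", re.I)

# Constructed sample messages; example.com stands in for the tenant's own domain.
SAMPLES = [
    "Authentication-Results: spf=fail (sender IP is 203.0.113.7) smtp.mailfrom=example.com;"
    " dkim=none (message not signed); dmarc=fail header.from=example.com\n"
    'From: "IT Helpdesk" <helpdesk@example.com>\nSubject: New voicemail\n\nbody\n',
    "Authentication-Results: spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com;"
    " dmarc=pass header.from=example.com\n"
    "From: alice@example.com\nSubject: Minutes\n\nbody\n",
    "Authentication-Results: spf=fail smtp.mailfrom=example.net; dkim=none; dmarc=fail\n"
    "From: partner@example.net\nSubject: Invoice\n\nbody\n",
    # No Authentication-Results header at all: treated as unauthenticated.
    "From: CEO <ceo@EXAMPLE.COM>\nSubject: Urgent\n\nbody\n",
]

def auth_results(msg):
    """Return spf/dkim/dmarc results from the topmost Authentication-Results header."""
    results = {"spf": "missing", "dkim": "missing", "dmarc": "missing"}
    headers = msg.get_all("Authentication-Results") or []
    # Assumption: the topmost copy is the one stamped by the receiving service.
    for method, result in RESULT_RE.findall(headers[0] if headers else ""):
        results[method.lower()] = result.lower()
    return results

def flag_internal_spoof(raw, internal_domains):
    """Return a finding if From claims an internal domain without a DMARC pass."""
    msg = message_from_string(raw)
    addr = parseaddr(msg.get("From", ""))[1].lower()
    domain = addr.rpartition("@")[2]
    results = auth_results(msg)
    if domain not in internal_domains or results["dmarc"] == "pass":
        return None
    return {"from": addr, "subject": msg.get("Subject", ""), **results}

def scan(messages, internal_domains):
    """Run the check over raw messages and keep only the findings."""
    hits = (flag_internal_spoof(m, internal_domains) for m in messages)
    return [h for h in hits if h]
```

Calling `scan(SAMPLES, {"example.com"})` returns two findings: the helpdesk message with failed checks and the message that carries no authentication results at all.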