GitHub Copilot users surpass 20 million as AI tools surge in demand
The figures, shared as part of Microsoft's Q4 FY25 earnings update, show a significant increase from the previous quarter, where user numbers stood at 15 million. The platform also highlighted that its Copilot Enterprise customer base increased 75 percent quarter-over-quarter.
Growth and adoption
AI-enabled projects on GitHub have more than doubled over the past year. The GitHub Code Review agent is now used to perform millions of code reviews each month on the platform, indicating sustained engagement from both new and existing users.
The release of new features over recent months, including a fully autonomous coding agent, has aimed to expand options for developers to automate routine coding jobs. This tool is designed to allow programmers to assign low- to medium-complexity tasks or issues and monitor their completion through GitHub's pull request system, with comprehensive security measures in place.
How the coding agent works
Developers can assign an issue to Copilot, either via the web, mobile, or the GitHub CLI, as they would a team member. The agent then initiates a secure development environment using GitHub Actions, applies a retrieval augmented generation method powered by GitHub code search, and pushes progress to a draft pull request. Every action taken by the agent is logged, providing insight into the agent's decision-making process.
Additional security controls ensure that any code proposed by the agent must be reviewed and approved before integration. Existing policies such as branch protections remain intact, and any deployment workflows are only triggered after human approval.
The autonomous coding agent uses vision models to interpret images attached to issues, such as screenshots or mockups, and can access additional context and data through GitHub's Model Context Protocol (MCP). This allows it to adapt to a variety of coding standards and requirements within different repositories. The Copilot coding agent is opening up doors for human developers to have their own agent-driven team, all working in parallel to amplify their work. We're now able to assign tasks that would typically detract from deeper, more complex work - allowing developers to focus on high-value coding tasks. - James Zabinski, DevEx Lead at EY
The Copilot coding agent is available to Copilot Enterprise and Copilot Pro+ customers, with support extended to a range of development environments including Xcode, Eclipse, JetBrains, and Visual Studio from June 2025.
Developer feedback The GitHub Copilot coding agent fits into our existing workflow and converts specifications to production code in minutes. This increases our velocity and enables our team to channel their energy toward higher-level creative work. - Alex Devkar, Senior Vice President, Engineering and Analytics, Carvana
The new coding agent is designed to respect organisational policies and rulesets. It is limited to interacting only with branches it creates, and any required code reviews or approvals set within a repository remain in effect. Its internet access is also limited to a configurable list of trusted destinations.
Company perspective GitHub Copilot has crossed 20 million users – up more than 5 million from last quarter. We're also seeing explosive AI growth on GitHub, with AI projects more than doubling over the past year. And it's all because of grit. It's no secret the market Copilot introduced has heated up. Over the past year, incredible startups and founders have built and scaled great products that found real traction. The true measure of a company is never drawn during its hype wave, but by its resilience when pressure tested. Hubbers across GitHub put their heads down, treated pressure as a privilege, and we innovated. This past year, we shipped over 230 updates to GitHub Copilot – becoming the first multi-model solution at Microsoft, in partnership with Anthropic, Google, and OpenAI. We enabled Copilot Free for millions and introduced the synchronous agent mode in VS Code, all the way to Spark and the coding agent native to GitHub. I could not be more proud of my colleagues. Even with all the constraints we've faced, we proved that a little grit wins the game. - Thomas Dohmke, CEO at GitHub
GitHub has stated its intention to continue expanding features to provide developers with increased flexibility and efficiency, promising further updates over the coming months.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Scoop
8 hours ago
- Scoop
Norton Adds Audio And Visual Deepfake Protection On Mobile
Norton, a leader in Cyber Safety and part of Gen (NASDAQ: GEN), has launched AI-powered deepfake protection in the Norton Genie AI Assistant on Norton 360 mobile apps. Currently in early access phase, Norton Deepfake Protection enables people to defend themselves from malicious AI-generated audio and video content. Initially available on select Microsoft Copilot+ PCs, people can now protect themselves not only from everyday scams, but also AI scams even if they don't have an AI PC. Norton Deepfake Protection in the Genie AI Assistant includes the ability to analyse audio and visual content for signs of manipulation. Beyond detecting AI-generated voices used in fraudulent schemes, the feature provides an added layer of contextual protection by spotting inconsistencies or faint deformations in the physical features of people appearing in videos. If a harmful deepfake is detected, the Genie AI Assistant will provide conversational Cyber Safety guidance and suggestions on what to do next. 'As AI-generated voices and faces become harder to distinguish from the real thing, trust is rapidly becoming one of the most fragile elements of our digital lives,' said Leena Elias, Chief Product Officer at Gen. 'The line between truth and deception is blurring, especially when malicious actors can abuse AI to create scams that replicate voices and imagery with startling realism. This is why we've made our deepfake protection accessible to people who don't have AI hardware, so they can confidently navigate and consume digital content without second-guessing what they see or hear.' Currently, Norton Deepfake Protection in Genie Scam Protection supports English-language YouTube videos with plans to expand platform and language support in future updates. To check for signs of scams in video content, people can upload YouTube links to Norton Genie AI Assistant and receive real-time guidance on the authenticity of a video. If malicious AI-generated content is found, the Genie AI Assistant will flag it and provide advice on what to do next. The early access version of Norton Deepfake Protection is currently available in Norton 360 mobile products in the US, UK, Australia, and New Zealand, across Android and iOS devices with desktop support coming soon. The focus at Norton on AI-powered scam protection won't stop here. Later in the year, deepfake protection for AI PCs will extend to devices powered by Intel chipsets, and more advanced detection capabilities will be available on both desktop and mobile platforms. For more information, visit
Techday NZ
8 hours ago
- Techday NZ
Norton launches AI deepfake detection for mobile in early rollout
Norton has begun offering early access to AI-powered deepfake protection within its Norton 360 mobile apps in several countries, including New Zealand. The feature, known as Norton Deepfake Protection, is available through the Genie AI Assistant as part of the Norton Genie Scam Protection suite. Initially accessible only on some Microsoft Copilot+ PCs, the technology is now available to mobile users with Android and iOS devices, enabling consumers without AI-specific hardware to benefit from the protection. Detection capabilities The tool can analyse audio and visual content, identifying signs of manipulation that could indicate the presence of AI-generated deepfakes. Its functions include the detection of AI-generated voices that might be used in fraudulent schemes and the spotting of subtle inconsistencies or deformations in the facial features of people shown in videos. If a deepfake is identified, users receive cyber safety guidance and recommendations on their next steps directly from the Genie AI Assistant. The service currently supports the analysis of English-language YouTube videos, with the ability for users to upload video links and obtain real-time feedback regarding authenticity. Support for additional languages and platforms is planned for future updates. Protecting digital trust "As AI-generated voices and faces become harder to distinguish from the real thing, trust is rapidly becoming one of the most fragile elements of our digital lives," said Leena Elias, Chief Product Officer at Gen. "The line between truth and deception is blurring, especially when malicious actors can abuse AI to create scams that replicate voices and imagery with startling realism. This is why we've made our deepfake protection accessible to people who don't have AI hardware, so they can confidently navigate and consume digital content without second-guessing what they see or hear." According to Norton, the rise in AI-generated audio and video content increases the potential for scams, particularly those involving fake voices or impersonations. By offering tools that evaluate both the sound and appearance of digital content for authenticity, the company aims to support individuals and families in verifying what they encounter online. Initial rollout and future plans The early access version of Norton Deepfake Protection is currently being made available to users in the US, UK, Australia, and New Zealand. Coverage is provided across both Android and iOS platforms, with the company stating that support for desktop devices is expected soon. Norton has indicated that deeper integration of deepfake protection capabilities will continue, with plans to extend the solution to AI PCs running on Intel chipsets later in the year. The company also intends to introduce further advanced detection features for both desktop and mobile users. The Genie AI Assistant will notify users if a piece of analysed content is determined to be an AI-generated scam, providing guidance on how to respond. For now, the feature is designed specifically for reviewing YouTube video content in English, but development is ongoing to broaden its usage across additional platforms and formats. Norton has stated its commitment to enhancing cyber safety measures to counter the rise in sophisticated online fraud that makes use of artificial intelligence, by making protections available to the general public without the need for specialised devices. Follow us on: Share on:
Techday NZ
9 hours ago
- Techday NZ
BeyondTrust launches Secrets Insights to tackle hidden identity risks
BeyondTrust has announced the expansion of its Identity Security Insights solution with the introduction of Secrets Insights, designed to address vulnerabilities arising from secrets and non-human identities. According to recent Identity Security Risk Assessments completed by BeyondTrust across various industries and organisational sizes, significant gaps have been discovered in current identity security postures. The findings reveal dormant service accounts with privilege in more than 70% of assessed environments. Additional issues include overly permissive Entra Service Principals, which can create direct pathways to Global Admin privileges, thereby endangering Microsoft 365 environments. The assessments also found that credentials are frequently reused across multiple service accounts by administrators, compounding the risks posed by a single compromised password. In the realm of privilege escalation, the report observes that low-privileged users are able to gain administrative access across Active Directory, Entra, AWS, Okta, and GitHub due to hidden escalation paths rooted in configuration errors, federation processes, and synchronisation. AD Service accounts that connect on-premises and cloud environments, particularly those with privileged Entra roles, were also identified as potential cross-platform attack vectors. The review highlighted further weaknesses, such as inadequate GitHub repository access management. This can lead to uncontrolled and unauthorised access to sensitive code and secrets, with personal GitHub accounts exacerbating the risk. "These identity infrastructure issues aren't just misconfigurations, they're invitations. Our Identity Security Risk Assessment data shows that many organisations lack the complete story when it comes to their identity attack surface. For many, overlooked hygiene issues silently open the door to attackers. And with the rise of Agentic AI, the stakes have never been higher, especially as most organisations lack visibility into how compromised accounts can be leveraged to seize control of application secrets, which often carry elevated privileges," said Marc Maiffret, CTO at BeyondTrust. Agentic AI systems, which autonomously interface with infrastructure and provision access, are predicted to amplify the risks associated with unmanaged secrets and non-human identities. As organisations adopt these AI-driven systems, the potential for abuse of hidden privileges and secrets grows, underscoring the need for enhanced oversight. The new Secrets Insights feature is intended to provide this visibility. It builds upon the existing capabilities of BeyondTrust's Identity Security Insights platform, which allows organisations to monitor identity risk across Active Directory, Entra ID, AWS, Azure, Google Cloud Platform, Okta, Ping Identity, and GitHub. With Secrets Insights, users can discover API keys, service account credentials, tokens, and similar assets across both cloud and on-premises setups, including within vaults, thereby mapping previously unmonitored access vectors. Key benefits Secrets Insights offers a number of core functions: discovery of unmanaged secrets throughout cloud and on-premises environments; identification of users with both direct and indirect access to these secrets; risk scoring and prioritisation focused on levels of exposure and privilege; and integration with BeyondTrust Password Safe, which automates remediation tasks. Maiffret commented on the next steps for the sector: "As organisations embrace automation and Agentic AI, securing the invisible layers of access - secrets, tokens, and service identities - will define the next frontier of identity security." Secrets Insights is scheduled to become available later this year. As part of its ongoing initiatives, BeyondTrust provides complimentary Identity Security Risk Assessments for qualified organisations. These assessments can be completed in under 48 hours and are intended to help organisations identify hidden privileges and secret-related risks, supporting steps towards reducing standing privilege and enabling just-in-time access.
