An interesting read from Microsoft about a multi-stage campaign observed between April 14 and 16, 2026, targeting more than 35,000 users across 13,000 organisations in 26 countries. https://www.microsoft.com/en-us/security/blog/2026/05/04/breaking-the-code-multi-stage-code-of-conduct-phishing-campaign-leads-to-aitm-token-compromise/ #microsoft #sirt #phishing #aitm #tokencompromise #cybersecurity #danweis #nexon #hackproofyourself #boardroomcyber #danweis

On Tuesday Kali 2026.1 was released. You can find all the details here: https://www.kali.org/blog/kali-linux-2026-1-release/ #kali #2026.1 #backtrack #pentesting #danweis #nexon

By now I'm sure you are all aware of what proper AI governance means for your organisation, but for those of you who don't, AI governance refers to the framework of rules, practices, and processes used to ensure that AI systems are developed and deployed responsibly, ethically, and safely. Most organisations vet their software vendors for AI risk, but what about your third parties / service providers your organisation utilises? How do you gain visibility into their AI usage, security &...