CIA Brief 20260509

Here’s a summary of the 10 stories posted in the Patrons News channel over the last 7 days, grouped by topic.

Security & Threat Intelligence

SOHO router compromise leads to DNS hijacking and AiTM attacks — Microsoft Threat Intelligence reports that Russian military-linked actor Forest Blizzard (sub-group Storm-2754) has compromised insecure home/small-office routers, redirecting DNS to attacker-controlled infrastructure to enable adversary-in-the-middle attacks against Outlook on the web. Over 200 organisations and 5,000 consumer devices have been impacted since August 2025. https://www.microsoft.com/en-us/security/blog/2026/04/07/soho-router-compromise-leads-to-dns-hijacking-and-adversary-in-the-middle-attacks/
ClickFix campaign uses fake macOS utilities to deliver infostealers — Threat actors are posting fake macOS troubleshooting guides on Medium, Squarespace and Craft pages instructing users to paste Terminal commands that install Macsync, Shub Stealer or AMOS infostealers, which exfiltrate Keychain entries, iCloud data and crypto wallet keys (and sometimes replace Ledger, Trezor and Exodus apps with trojanised versions). https://www.microsoft.com/en-us/security/blog/2026/05/06/clickfix-campaign-uses-fake-macos-utilities-lures-deliver-infostealers/
Multi-stage ‘code of conduct’ phishing leads to AiTM token compromise — A large credential-theft campaign (April 14–16) targeted ~35,000 users across 13,000 organisations in 26 countries, mostly US, using polished “internal regulatory” emails with PDF attachments. The chain ran through CAPTCHAs and staging pages before hitting an AiTM Microsoft sign-in flow that captures auth tokens. https://www.microsoft.com/en-us/security/blog/2026/05/04/breaking-the-code-multi-stage-code-of-conduct-phishing-campaign-leads-to-aitm-token-compromise/

Microsoft 365 Product Updates

What’s new in Microsoft Teams – April 2026 — Headline features include Copilot call delegation, Interpreter agent enhancements (consecutive interpretation, sign-language attribution), targeted messages from agents, sensitivity-label inheritance for recordings and Loop notes, an External Domains Anomalies Report, and Teams Phone user multi-line (up to 10 numbers per user). https://techcommunity.microsoft.com/blog/microsoftteamsblog/whats-new-in-microsoft-teams–april-2026/4515907
Microsoft 365 E7 and Agent 365 are now generally available — Microsoft’s new top-tier M365 SKU and the Agent 365 platform have moved to general availability (announced 1 May 2026). https://techcommunity.microsoft.com/blog/microsoft_365blog/microsoft-365-e7-and-agent-365-are-now-generally-available/4516295
Get more out of Microsoft Clipchamp with these little-known features — A walk-through of Brand kits for consistent logos/colours/fonts, fade and blur transitions, automatic captions, aspect-ratio presets for repurposing content, and built-in stock search — plus Copilot in the Clipchamp video hub for searchable, summarised playback. https://techcommunity.microsoft.com/blog/microsoft365insiderblog/get-more-out-of-microsoft-clipchamp-with-these-little%E2%80%91known-features/4514855

Identity, Security & SIEM Platform

Lock down AI, web and private apps – what’s new in Internet Access and Private Access — Updates to Microsoft Entra’s Global Secure Access covering tighter controls for AI traffic, web and private application access. https://techcommunity.microsoft.com/blog/microsoft-entra-blog/lock-down-ai-web-and-private-apps-what%E2%80%99s-new-in-internet-access-and-private-acce/3847825
What’s new in Microsoft Sentinel – April 2026 — RSAC-aligned updates including OSINT reports inside Threat Analytics, hard cost-limit enforcement for KQL queries and notebooks, new connectors (CrowdStrike, Imperva Cloud WAF, AWS ELB, rebuilt Logstash output plugin), Sentinel data federation, custom graphs, MCP entity analyzer GA and a Claude MCP connector. https://techcommunity.microsoft.com/blog/MicrosoftSentinelBlog/what%E2%80%99s-new-in-microsoft-sentinel-april-2026/4516354

CIAOPS Content

CIA Brief 20260502 — Robert’s weekly roundup of Microsoft 365, Copilot, AI and security news for the week ending 2 May 2026, covering items including the M365 E7 / Agent 365 GA announcement. https://blog.ciaops.com/2026/05/02/cia-brief-20260502/

Archive / Reference

The Future of SharePoint (2016 post) — Jeff Teper’s original “Future of SharePoint” announcement from May 2016, unveiling the cloud-first, mobile-first SharePoint vision, modern team sites, the SharePoint mobile app and the SharePoint Framework. Reposted to the channel for reference. https://www.microsoft.com/en-us/microsoft-365/blog/2016/05/04/the-future-of-sharepoint/

After hours

Why Would Anyone Live in NYC? – https://www.youtube.com/watch?v=POg3_b9txwM

Editorial

If you found this valuable, the I’d appreciate a ‘like’ or perhaps a donation at https://ko-fi.com/ciaops. This helps me know that people enjoy what I have created and provides resources to allow me to create more content. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

CIAOPS Need to Know Microsoft 365 Webinar – May

laptop-eyes-technology-computer_thumb

Now in our tenth year!

Join me for the free monthly CIAOPS Need to Know webinar. Along with all the Microsoft Cloud news we’ll be taking a look at Copilot Cowork.

Shortly after registering you should receive an automated email from Microsoft Teams confirming your registration, including all the event details as well as a calendar invite.

You can register for the regular monthly webinar here:

May Registrations

(If you are having issues with the above link copy and paste – https://bit.ly/n2k2605 )

The details are:

CIAOPS Need to Know Webinar – May 2026
Friday 29th of May 2026
11.00am – 12.00am Sydney Time

All sessions are recorded and posted to the CIAOPS Youtube channel.

Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.

I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.

CIA Brief 20260502

Microsoft 365 Copilot & AI Agents

Microsoft 365 E7 and Agent 365 are now generally available (1 May) — Microsoft’s new top-tier M365 SKU and the Agent 365 platform have moved to general availability. https://techcommunity.microsoft.com/blog/microsoft_365blog/microsoft-365-e7-and-agent-365-are-now-generally-available/4516295(opens in new window)
Copilot in Outlook — new agentic experiences for email and calendar (27 Apr) — New agent-driven capabilities in Outlook to autonomously triage email and manage calendar tasks. https://techcommunity.microsoft.com/blog/outlook/copilot-in-outlook-new-agentic-experiences-for-email-and-calendar/4514601(opens in new window)
GPT-5.5 Thinking and ChatGPT Images 2.0 in Microsoft 365 Copilot (27 Apr) — Both new OpenAI models are available today inside M365 Copilot, adding deeper reasoning and updated image generation. https://techcommunity.microsoft.com/blog/microsoft365copilotblog/available-today-gpt-5-5-thinking-and-chatgpt-images-2-0-in-microsoft-365-copilot/4514243(opens in new window)

Microsoft 365 Apps & Productivity

Get more out of Microsoft Clipchamp with these little-known features (1 May) — Tips on under-used Clipchamp features for video editing inside M365. https://techcommunity.microsoft.com/blog/microsoft365insiderblog/get-more-out-of-microsoft-clipchamp-with-these-little%E2%80%91known-features/4514855(opens in new window)
Microsoft 365 Backup — granular restore now GA (29 Apr) — Item-level / granular restore is now generally available in the M365 Backup service. https://techcommunity.microsoft.com/blog/microsoft_365blog/microsoft-365-backup-granular-restore-now-generally-available/4515936(opens in new window)
Converse naturally across languages with consecutive interpretation (25 Apr) — New M365 Insider feature delivering live consecutive interpretation between speakers. https://techcommunity.microsoft.com/blog/Microsoft365InsiderBlog/converse-naturally-across-languages-with-consecutive-interpretation/4514327(opens in new window)

Security & Defender

Enterprise Security Assessment — a strategic lens for mission-critical environments (30 Apr) — Framework for assessing security posture in mission-critical workloads. https://techcommunity.microsoft.com/blog/microsoftmissioncriticalblog/enterprise-security-assessment-a-strategic-lens-for-mission-critical-environment/4515991(opens in new window)
EDR coexistence by design — a practical starting point to Defender (30 Apr) — Guidance on running Microsoft Defender alongside third-party EDR tools during transition. https://techcommunity.microsoft.com/blog/microsoftsecurityexperts/edr-coexistence-by-design-a-practical-starting-point-to-defender/4515265(opens in new window)
Email threat landscape Q1 2026 — trends and insights (30 Apr) — Microsoft’s quarterly report on phishing, BEC and email-borne attack trends. https://www.microsoft.com/en-us/security/blog/2026/04/30/email-threat-landscape-q1-2026-trends-and-insights/(opens in new window)
Granular email content access with unified RBAC — now default for new Defender for Office 365 tenants (29 Apr) — New tenants get the granular RBAC model by default for controlling who can read email content during investigations. https://techcommunity.microsoft.com/blog/MicrosoftDefenderforOffice365Blog/granular-email-content-access-with-unified-rbac-%E2%80%93-now-the-default-for-new-defend/4505344(opens in new window)

Identity (Microsoft Entra)

You can’t govern what you can’t see — closing the identity visibility gap for apps (30 Apr) — Entra capabilities to discover and govern app identities that are typically invisible to admins. https://techcommunity.microsoft.com/blog/microsoft-entra-blog/you-can%E2%80%99t-govern-what-you-can%E2%80%99t-see-closing-the-identity-visibility-gap-for-apps/4507464(opens in new window)

Microsoft Sentinel

What’s new in Microsoft Sentinel — April 2026 (1 May) — Monthly roundup of feature updates, connectors, and detection improvements in Sentinel. https://techcommunity.microsoft.com/blog/MicrosoftSentinelBlog/what%E2%80%99s-new-in-microsoft-sentinel-april-2026/4516354(opens in new window)

Exchange Online

Deprecating legacy TLS and endpoints for POP and IMAP in Exchange Online (27 Apr) — Timeline and impact for the retirement of legacy TLS versions and older POP/IMAP endpoints. https://techcommunity.microsoft.com/blog/exchange/deprecating-legacy-tls-and-endpoints-for-pop-and-imap-in-exchange-online/4515201(opens in new window)

Corporate / Earnings

Microsoft FY26 Q3 earnings — press release & webcast (29 Apr) — Microsoft’s third-quarter FY26 financial results announcement page. https://www.microsoft.com/en-us/Investor/earnings/FY-2026-Q3/press-release-webcast

After hours

Starship – Test like you Fly – https://www.youtube.com/watch?v=ANe_HW4X8oc

Editorial

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

Need to Know podcast–Episode 363

I reflect on the significance of the day before diving into the week’s major developments, including the arrival of the Microsoft AI Tour in Sydney. The episode covers both partner and public events, with a focus on enterprise-level AI advancements and networking opportunities.

The podcast features a comprehensive weekly news roundup:

The general availability of Copilot Agent capabilities in Microsoft 365 apps.
New data security tools for AI in Microsoft Purview.
Innovations in identity resilience and backup with Microsoft Entra.
Microsoft’s $25 billion investment in Australian AI infrastructure and training.
Practical security playbooks for tenant protection and device analytics.
Updates on decluttering promotional mail with Microsoft Defender.
Guidance on preventing oversharing in Copilot, deploying Defender, and enforcing data security with Purview.

I also share my workflow for automating podcast production using Copilot Cowork, including narration scripts and link management. I discuss experimenting with AI-driven voice narration and invites listener feedback on pacing and voice options.

The episode concludes with reflections on the Microsoft AI Tour’s enterprise focus, the importance of networking, and the challenges SMBs face in accessing relevant content. Listeners are encouraged to reach out with questions or feedback and to stay tuned for upcoming events like Microsoft Build and Ignite.

Brought to you by www.ciaopspatron.com

you can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-363-hello-cowork/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

or Spotify:

https://open.spotify.com/show/7ejj00cOuw8977GnnE2lPb

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show

Resources

CIAOPS Need to Know podcast – CIAOPS – Need to Know podcasts | CIAOPS

X – https://www.twitter.com/directorcia

director@ciaops.com

CIAOPS Blog – CIAOPS – Information about SharePoint, Microsoft 365, Azure, Mobility and Productivity from the Computer Information Agency

Join my Teams shared channel – Join my Teams Shared Channel – CIAOPS

CIAOPS Merch store – CIAOPS

Become a CIAOPS Patron – CIAOPS Patron

CIAOPS Brief – CIA Brief – CIAOPS

CIAOPS Labs – CIAOPS Labs – The Special Activities Division of the CIAOPS

Support CIAOPS – Support CIAOPS

Get your M365 questions answered via email

Join the CIAOPS Email list – Please fill out this form

A special thanks to the CIAOPS Patron community for making this podcast possible. You can find the benefits of a subscription to the community and become a member at https://www.ciaopspatron.com

Show notes

Microsoft 365 Insider Round-Up — April 2026

Declutter and Defend: Reducing Promotional Mail Noise with Microsoft Defender

Prevent Oversharing in Microsoft 365 Copilot

Microsoft Defender Deployment Tool

From Oversharing to Enforcement: A Practical Guide to AI Data Security with Microsoft Purview

Investing in Australia’s AI Future

Copilot’s Agentic Capabilities in Word, Excel and PowerPoint Are Generally Available

Predictive Shielding: Just-in-Time Tamper Protection

Threat Hunting Agent in Advanced Hunting

Bringing Transparency to AI-Generated Content with Watermarks in Microsoft 365

Microsoft 365 Copilot Readiness and Resiliency with SharePoint and Microsoft 365 Backup

Introducing the Microsoft Sentinel Training Lab

A Practical Look at Device Analytics and Risk Signals with Microsoft Intune

Innovations in OneDrive for Collaboration, Intelligence and Control

Strengthening Identity Resilience: A Deep Dive Into Microsoft Entra Backup and Recovery

Detection Strategies for Cloud Identities Against Infiltrating IT Workers (Jasper Sleet)

Safeguarding Sensitive Data in Microsoft 365 Copilot Interactions: DLP for Microsoft 365 Copilot

Detecting Plain-Text Password Exposure Using Custom Regex in Microsoft Purview

Cross-Tenant Helpdesk Impersonation to Data Exfiltration: A Human-Operated Intrusion Playbook

CIA Brief 20260425

Microsoft 365 Copilot & AI Productivity

Copilot’s agentic capabilities in Word, Excel, and PowerPoint are generally available — Agent-driven Copilot features for the core Office apps have moved from preview to GA. https://www.microsoft.com/en-us/microsoft-365/blog/2026/04/22/copilots-agentic-capabilities-in-word-excel-and-powerpoint-are-generally-available/(opens in new window)
Microsoft 365 Copilot readiness and resiliency with SharePoint and M365 Backup — Guidance on preparing SharePoint content and using M365 Backup so Copilot deployments stay resilient. https://techcommunity.microsoft.com/blog/microsoft365copilotblog/microsoft-365-copilot-readiness-and-resiliency-with-sharepoint-and-m365-backupar/4513048(opens in new window)
Bringing transparency to AI-generated content with watermarks in Microsoft 365 — Microsoft 365 is adding content credentials/watermarks to AI-generated artefacts. https://techcommunity.microsoft.com/blog/microsoft365insiderblog/bringing-transparency-to-ai-generated-content-with-watermarks-in-microsoft-365/4501376(opens in new window)
Prevent oversharing in Microsoft 365 Copilot (video) — Short walkthrough on stopping Copilot from surfacing content users shouldn’t see. https://www.youtube.com/watch?v=iJUUmQXplv4(opens in new window)
Microsoft 365 Insider Round-up – April 2026 — Monthly LinkedIn round-up of new Insider features across the M365 suite. https://www.linkedin.com/pulse/microsoft-365-insider-round-up-april-2026-microsoft-365-insider-lzahc/(opens in new window)

Security – Defender & Threat Protection

Declutter and defend: reducing promotional mail noise with Microsoft Defender — New Defender for Office 365 capability that reduces graymail clutter while preserving threat detection. https://techcommunity.microsoft.com/blog/microsoftdefenderforoffice365blog/declutter-and-defend-reducing-promotional-mail-noise-with-microsoft-defender/4511732(opens in new window)
New Defender Deployment Tool (video) — Automates onboarding of Windows, Linux, and legacy devices to Microsoft Defender, replacing scripts and manual installs. https://www.youtube.com/watch?v=RjNMdtzRU9s(opens in new window)
Predictive Shielding – Just-in-Time Tamper Protection (video) — Defender’s predictive defence that pre-empts attacker tamper attempts before damage occurs. https://www.youtube.com/watch?v=faWuQm50suQ(opens in new window)
Threat Hunting Agent in Advanced Hunting (video) — Security Copilot agent that lets analysts hunt threats in natural language without writing KQL. https://www.youtube.com/watch?v=OzE7oMhHBZk(opens in new window)
Introducing the Microsoft Sentinel Training Lab — A hands-on lab environment for practising SOC operations in Sentinel. https://techcommunity.microsoft.com/blog/microsoftsentinelblog/introducing-the-microsoft-sentinel-training-lab-hands-on-security-operations-in-/4513274(opens in new window)
Cross-tenant helpdesk impersonation – human-operated intrusion playbook — Microsoft Threat Intelligence playbook on attackers abusing helpdesk roles across tenants to exfiltrate data. https://www.microsoft.com/en-us/security/blog/2026/04/18/crosstenant-helpdesk-impersonation-data-exfiltration-human-operated-intrusion-playbook/(opens in new window)
Detection strategies for cloud identities against infiltrating IT workers — How to detect insider-style infiltration of cloud identities (e.g., DPRK-style fake IT worker schemes). https://www.microsoft.com/en-us/security/blog/2026/04/21/detection-strategies-cloud-identities-against-infiltrating-it-workers/(opens in new window)

Data Protection & Purview

From oversharing to enforcement – a practical guide to AI data security with Purview — End-to-end Purview workflow from discovery of oversharing through to enforcement for AI scenarios. https://techcommunity.microsoft.com/blog/microsoft-purview-blog/from-oversharing-to-enforcement-a-practical-guide-to-ai-data-security-with-micro/4513727(opens in new window)
Safeguarding sensitive data in Microsoft 365 Copilot interactions – DLP for Copilot — DLP policies that inspect and protect sensitive data inside Copilot prompts and responses. https://techcommunity.microsoft.com/blog/microsoft-security-blog/safeguarding-sensitive-data-in-microsoft-365-copilot-interactions-dlp-for-micros/4512497(opens in new window)
Detecting plain-text password exposure using custom regex in Microsoft Purview — Using custom Purview classifiers/regex to catch passwords exposed in documents and chat. https://techcommunity.microsoft.com/blog/microsoft-security-blog/detecting-plain%E2%80%91text-password-exposure-using-custom-regex-in-microsoft-purview/4513022(opens in new window)

Identity (Entra)

Strengthening identity resilience – a deep dive into Microsoft Entra Backup and Restore — Detailed look at the new Entra Backup and Restore service for recovering identity configuration. https://techcommunity.microsoft.com/blog/coreinfrastructureandsecurityblog/strengthening-identity-resilience-a-deep-dive-into-microsoft-entra-backup-and-re/4513401(opens in new window)

Devices & Endpoint Management

A practical look at device analytics and risk signals with Microsoft Intune — How nonprofits (and others) can use Intune device analytics and risk signals to drive Conditional Access. https://techcommunity.microsoft.com/blog/nonprofittechies/a-practical-look-at-device-analytics-and-risk-signals-with-microsoft-intune/4513485(opens in new window)

Collaboration & OneDrive

Innovations in OneDrive for collaboration, intelligence, and control — Roadmap of OneDrive updates around sharing, AI features, and admin controls. https://techcommunity.microsoft.com/blog/onedriveblog/innovations-in-onedrive-for-collaboration-intelligence-and-control/4512171(opens in new window)

Industry & Regional

Investing in Australia’s AI future — Microsoft Source piece on Microsoft’s investments in Australian AI infrastructure, skills, and partnerships. https://news.microsoft.com/source/asia/features/investing-in-australias-ai-future/

After hours

Coyote vs ACME – https://www.youtube.com/watch?v=H-43VeYGiPM

Editorial

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

CIA Brief 20260418

Security & Threat Intelligence

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise — Microsoft Threat Intelligence breaks down how the Sapphire Sleet threat actor moves from social-engineering lure to full macOS compromise. https://www.microsoft.com/en-us/security/blog/2026/04/16/dissecting-sapphire-sleets-macos-intrusion-from-lure-to-compromise/(opens in new window)
Incident response for AI: Same fire, different fuel — How IR fundamentals carry over to AI-related incidents, and what’s genuinely different. https://www.microsoft.com/en-us/security/blog/2026/04/15/incident-response-for-ai-same-fire-different-fuel/(opens in new window)
Enterprise Cybersecurity in the Age of AI — Why legacy security approaches are falling behind as attackers adopt AI to move faster. https://techcommunity.microsoft.com/blog/microsoft-security-blog/enterprise-cybersecurity-in-the-age-of-ai-why-legacy-security-is-failing-as-atta/4511187(opens in new window)
Credential Exposure Risk & Response Workbook — A new workbook to help teams assess and respond to credential exposure risks. https://techcommunity.microsoft.com/blog/microsoft-security-blog/credential-exposure-risk–response-workbook/4511172(opens in new window)
The agentic SOC — Rethinking SecOps for the next decade — A vision for how agentic AI reshapes security operations. https://www.microsoft.com/en-us/security/blog/2026/04/09/the-agentic-soc-rethinking-secops-for-the-next-decade/(opens in new window)

Developer Tools (GitHub)

GitHub Copilot CLI combines model families for a second opinion — The Copilot CLI can now consult multiple model families for richer answers. https://github.blog/ai-and-ml/github-copilot/github-copilot-cli-combines-model-families-for-a-second-opinion/(opens in new window)
Remote control CLI sessions on web and mobile (public preview) — Control Copilot CLI sessions from the browser or mobile app. https://github.blog/changelog/2026-04-13-remote-control-cli-sessions-on-web-and-mobile-in-public-preview/(opens in new window)

After hours

Smarter Inspections Powered by Google Gemini Robotics | Boston Dynamics – https://www.youtube.com/watch?v=kBwxmlI2yHQ

Editorial

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

CIA Brief 20260411

Anthropic’s powerful new AI model raises concerns about high-tech risks –

https://www.youtube.com/watch?v=lMaCfQMlXY0

Defender XDR – Monthly news – April 2026 –

https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/monthly-news—april-2026/45…

Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees –

https://www.microsoft.com/en-us/security/blog/2026/04/09/investigating-storm-2755-payroll-pirate-at…

SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks –

https://www.microsoft.com/en-us/security/blog/2026/04/07/soho-router-compromise-leads-to-dns-hijack…

Inside an AI‑enabled device code phishing campaign –

https://www.microsoft.com/en-us/security/blog/2026/04/06/ai-enabled-device-code-phishing-campaign-a…

Security Copilot Skilling Series –

https://techcommunity.microsoft.com/blog/microsoft-security-blog/security-copilot-skilling-series/4…

A modernized comments experience for Word, Excel, and PowerPoint on iPhone –

https://techcommunity.microsoft.com/blog/microsoft365insiderblog/a-modernized-comments-experience-f…

Microsoft Defender for Cloud Customer Newsletter –

https://techcommunity.microsoft.com/blog/microsoftdefendercloudblog/microsoft-defender-for-cloud-cu…

A third-party connector integrating Claude with Microsoft Sentinel is now available –

https://techcommunity.microsoft.com/blog/microsoftsentinelblog/a-third-party-connector-integrating-…

Threat actor abuse of AI accelerates from tool to cyberattack surface –

https://www.microsoft.com/en-us/security/blog/2026/04/02/threat-actor-abuse-of-ai-accelerates-from-…

The best backup is the one you never think about –

https://techcommunity.microsoft.com/blog/microsoft365insiderblog/the-best-backup-is-the-one-you-nev…

What’s new in Microsoft Intune – March –

https://techcommunity.microsoft.com/blog/microsoftintuneblog/what%E2%80%99s-new-in-microsoft-intune…

What’s New in Microsoft 365 Copilot | March 2026 –

https://techcommunity.microsoft.com/blog/microsoft365copilotblog/what%E2%80%99s-new-in-microsoft-36…

What’s new in Power Platform: March 2026 feature update –

https://www.microsoft.com/en-us/power-platform/blog/power-apps/whats-new-in-power-platform-march-20…

High Volume Email reaches General Availability in Exchange Online –

https://techcommunity.microsoft.com/blog/exchange/high-volume-email-reaches-general-availability-in…

Microsoft 365 Copilot: Researcher with multi-model intelligence –

https://www.youtube.com/watch?v=G4ZqK7_15uw

Copilot Cowork: Sales and Finance Workflows –

https://www.youtube.com/watch?v=h7nv7OCfsCY

File-level archiving comes to Microsoft 365 Archive (public preview) –

https://techcommunity.microsoft.com/blog/microsoft_365blog/file-level-archiving-comes-to-microsoft-…

Introducing multi-model intelligence in Researcher –

https://techcommunity.microsoft.com/blog/microsoft365copilotblog/introducing-multi-model-intelligen…

Copilot Cowork: Now available in Frontier –

https://www.microsoft.com/en-us/microsoft-365/blog/2026/03/30/copilot-cowork-now-available-in-front…

Microsoft SharePoint Turns 25! –

https://techcommunity.microsoft.com/blog/microsoft365insiderblog/microsoft-sharepoint-turns-25/4505…

Protect your enterprise from shadow AI and more: Announcements at RSAC 2026 –

https://blogs.windows.com/msedgedev/2026/03/23/protect-your-enterprise-from-shadow-ai-and-more-anno…

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise –

https://www.microsoft.com/en-us/security/blog/2026/03/24/detecting-investigating-defending-against-…

What’s new in SharePoint lists –

https://www.youtube.com/watch?v=HVrNK7MPzLk

Accessibility Assistant now flags inaccessible hyperlinks –

https://techcommunity.microsoft.com/blog/microsoft365insiderblog/accessibility-assistant-now-flags-…

After hours

Bessent summoned Wall Street leader to discuss Anthropic’s new AI – https://www.youtube.com/watch?v=Kl9LKFMj3Eg

Editorial

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

Need to Know podcast–Episode 362

In this episode of the CIAOPS Need to Know podcast, we take an AI‑first look at what’s happening across the Microsoft Cloud and what it really means for small and medium businesses. Episode 362 cuts through the noise to focus on the practical, real‑world impact of artificial intelligence as Microsoft continues to embed AI across Microsoft 365, Azure, and everyday productivity tools.

We discuss how an AI‑first mindset is changing the way SMBs should think about security, productivity, and operational efficiency, along with what partners and IT professionals need to pay attention to right now. Expect clear explanations, informed opinions, and actionable insights designed to help you make sense of rapid change without the hype.

Brought to you by www.ciaopspatron.com

you can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-362-ai-first/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

or Spotify:

https://open.spotify.com/show/7ejj00cOuw8977GnnE2lPb

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

Resources

Explore the tools, communities, and content mentioned in this episode:

CIAOPS Need to Know podcast – CIAOPS – Need to Know podcasts | CIAOPS

X – https://www.twitter.com/directorcia

director@ciaops.com

CIAOPS Blog – CIAOPS – Information about SharePoint, Microsoft 365, Azure, Mobility and Productivity from the Computer Information Agency

Join my Teams shared channel – Join my Teams Shared Channel – CIAOPS

CIAOPS Merch store – CIAOPS

Become a CIAOPS Patron – CIAOPS Patron

CIAOPS Brief – CIA Brief – CIAOPS

CIAOPS Labs – CIAOPS Labs – The Special Activities Division of the CIAOPS

Support CIAOPS – Support CIAOPS

Get your M365 questions answered via email

Please fill out this form

A special thanks to the CIAOPS Patron community for making this podcast possible. You can find the benefits of a subscription to the community and become a member at https://www.ciaopspatron.com

Microsoft 365 Copilot & AI in the Workplace

Product updates and new Copilot experiences