In this episode, we dig into Cowork Skills and why they represent a genuine shift from “AI as a novelty” to “AI as part of how work actually gets done.” Not more prompts. Not more tools. But fewer decisions, less friction, and more consistency across the business. If you’ve ever thought “Copilot is interesting, but it’s not really embedded yet”, this episode is for you.
A special thanks to the CIAOPS Patron community for making this podcast possible. You can find the benefits of a subscription to the community and become a member at https://www.ciaopspatron.com CIAOPS MSP Skills
If you found this valuable, the I’d appreciate a ‘like’ or perhaps a donation at https://ko-fi.com/ciaops. This helps me know that people enjoy what I have created and provides resources to allow me to create more content. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.
If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.
Configuration becomes vulnerability: Exploitable misconfigurations in AI apps (14 May) Microsoft Defender researchers found that AI and agentic apps deployed on Kubernetes (Mage AI, kagent, AutoGen Studio, MCP servers, and others) are frequently exposed to the internet with weak or missing authentication, enabling remote code execution, credential theft, and data exposure without any zero-day exploit. Defender for Cloud signals show >50% of cloud-native workload exploitations stem from these misconfigurations. https://www.microsoft.com/en-us/security/blog/2026/05/14/configuration-becomes-vulnerability-exploitable-misconfigurations-ai-apps/(opens in new window)
Kazuar: Anatomy of a nation-state botnet (14 May) Deep technical analysis of Kazuar, a Russian state actor (Secret Blizzard) malware family that has evolved from a traditional backdoor into a modular peer-to-peer botnet with Kernel/Bridge/Worker components, leader-election for stealth, and multiple fallback C2 channels (HTTP, WebSockets, Exchange Web Services). Used to target government and diplomatic organisations in Europe, Central Asia, and Ukraine. https://www.microsoft.com/en-us/security/blog/2026/05/14/kazuar-anatomy-of-a-nation-state-botnet/(opens in new window)
What’s new in Power Platform: May 2026 feature update (15 May) Power Fx user-defined types (UDTs) and the Grid container control are now generally available. New previews include custom MCP-powered tools and rich Fluent UI widgets for app-based Copilot conversations, generative pages with input context, a new high-performance Data Grid modern control, OnSelect on the Icon control, and a PowerCAT skill for migrating retired InfoPath forms to Canvas Apps using AI coding agents. https://www.microsoft.com/en-us/power-platform/blog/2026/05/14/whats-new-in-power-platform-may-2026-feature-update/(opens in new window)
If you found this valuable, the I’d appreciate a ‘like’ or perhaps a donation at https://ko-fi.com/ciaops. This helps me know that people enjoy what I have created and provides resources to allow me to create more content. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.
If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.
A weekly roundup of Microsoft Cloud news with a focus on SMBs. Key topics include Microsoft’s internal testing of an always-on AI assistant, major security threats such as Russian state-sponsored router hijacking and advanced phishing attacks, updates to Microsoft Teams, and a retrospective on SharePoint’s evolution. Robert also discusses the challenges and strategies for adopting AI in business, emphasizing the need for a unified, collaborative approach to AI usage within organizations.
A special thanks to the CIAOPS Patron community for making this podcast possible. You can find the benefits of a subscription to the community and become a member at https://www.ciaopspatron.com
Here’s a summary of the 10 stories posted in the Patrons News channel over the last 7 days, grouped by topic.
Security & Threat Intelligence
SOHO router compromise leads to DNS hijacking and AiTM attacks — Microsoft Threat Intelligence reports that Russian military-linked actor Forest Blizzard (sub-group Storm-2754) has compromised insecure home/small-office routers, redirecting DNS to attacker-controlled infrastructure to enable adversary-in-the-middle attacks against Outlook on the web. Over 200 organisations and 5,000 consumer devices have been impacted since August 2025. https://www.microsoft.com/en-us/security/blog/2026/04/07/soho-router-compromise-leads-to-dns-hijacking-and-adversary-in-the-middle-attacks/
ClickFix campaign uses fake macOS utilities to deliver infostealers — Threat actors are posting fake macOS troubleshooting guides on Medium, Squarespace and Craft pages instructing users to paste Terminal commands that install Macsync, Shub Stealer or AMOS infostealers, which exfiltrate Keychain entries, iCloud data and crypto wallet keys (and sometimes replace Ledger, Trezor and Exodus apps with trojanised versions). https://www.microsoft.com/en-us/security/blog/2026/05/06/clickfix-campaign-uses-fake-macos-utilities-lures-deliver-infostealers/
What’s new in Microsoft Teams – April 2026 — Headline features include Copilot call delegation, Interpreter agent enhancements (consecutive interpretation, sign-language attribution), targeted messages from agents, sensitivity-label inheritance for recordings and Loop notes, an External Domains Anomalies Report, and Teams Phone user multi-line (up to 10 numbers per user). https://techcommunity.microsoft.com/blog/microsoftteamsblog/whats-new-in-microsoft-teams–april-2026/4515907
CIA Brief 20260502 — Robert’s weekly roundup of Microsoft 365, Copilot, AI and security news for the week ending 2 May 2026, covering items including the M365 E7 / Agent 365 GA announcement. https://blog.ciaops.com/2026/05/02/cia-brief-20260502/
Archive / Reference
The Future of SharePoint (2016 post) — Jeff Teper’s original “Future of SharePoint” announcement from May 2016, unveiling the cloud-first, mobile-first SharePoint vision, modern team sites, the SharePoint mobile app and the SharePoint Framework. Reposted to the channel for reference. https://www.microsoft.com/en-us/microsoft-365/blog/2016/05/04/the-future-of-sharepoint/
If you found this valuable, the I’d appreciate a ‘like’ or perhaps a donation at https://ko-fi.com/ciaops. This helps me know that people enjoy what I have created and provides resources to allow me to create more content. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.
If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.
Join me for the free monthly CIAOPS Need to Know webinar. Along with all the Microsoft Cloud news we’ll be taking a look at Copilot Cowork.
Shortly after registering you should receive an automated email from Microsoft Teams confirming your registration, including all the event details as well as a calendar invite.
You can register for the regular monthly webinar here:
Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.
I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.
If you found this valuable, the I’d appreciate a ‘like’ or perhaps a donation at https://ko-fi.com/ciaops. This helps me know that people enjoy what I have created and provides resources to allow me to create more content. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.
If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.
I reflect on the significance of the day before diving into the week’s major developments, including the arrival of the Microsoft AI Tour in Sydney. The episode covers both partner and public events, with a focus on enterprise-level AI advancements and networking opportunities.
The podcast features a comprehensive weekly news roundup:
The general availability of Copilot Agent capabilities in Microsoft 365 apps.
New data security tools for AI in Microsoft Purview.
Innovations in identity resilience and backup with Microsoft Entra.
Microsoft’s $25 billion investment in Australian AI infrastructure and training.
Practical security playbooks for tenant protection and device analytics.
Updates on decluttering promotional mail with Microsoft Defender.
Guidance on preventing oversharing in Copilot, deploying Defender, and enforcing data security with Purview.
I also share my workflow for automating podcast production using Copilot Cowork, including narration scripts and link management. I discuss experimenting with AI-driven voice narration and invites listener feedback on pacing and voice options.
The episode concludes with reflections on the Microsoft AI Tour’s enterprise focus, the importance of networking, and the challenges SMBs face in accessing relevant content. Listeners are encouraged to reach out with questions or feedback and to stay tuned for upcoming events like Microsoft Build and Ignite.
A special thanks to the CIAOPS Patron community for making this podcast possible. You can find the benefits of a subscription to the community and become a member at https://www.ciaopspatron.com
CIAOPS 