Xero Delivers Claude Integration to Advance AI-Powered Financial Intelligence

Posted in Commentary on May 13, 2026 by itnerd

Xero, the global small business platform, today announced its live integration with Anthropic, the company behind Claude. Building on a multi-year partnership announced in late March, the speed to market of the integration marks a significant milestone for Xero customers. The partnership brings Claude directly into Xero and Xero’s financial data and tools into Claude.ai, changing how small businesses around the world can access and act on real-time financial intelligence.

Built on 20 years of innovation and trusted by over 4.5 million subscribers in more than 180 countries, Xero is redefining the future of small business finance. Tailored for the experience of conversing with Claude, this integration leverages the same foundational capabilities that Xero’s superagent JAX uses to run financial analysis. Xero’s intentional approach of designing agentic reasoning foundations to be reusable from day one accelerated the delivery of this new experience to customers. For the first time, Xero customers can leverage Xero and work with their financial data directly inside a leading AI platform.

“AI is rapidly becoming an integral part of our customers’ workspace, and to be effective, that workspace requires Xero’s trusted financial intelligence as its foundation,” said Diya Jolly, Chief Product & Technology Officer, Xero. “Delivering this financial context within Claude bridges the gap between the everyday AI tools customers use and Xero’s rich financial data. When customers engage in wide-ranging conversations with Claude about their business strategy or day-to-day operations, they can now use Claude to instantly pull up their cash position, check overdue invoices, or see how profit is tracking, all without breaking their flow of work. That’s what it means to have Xero wherever you work and it’s part of our commitment to ensuring customers can leverage Xero at every point in their decision-making process.”

Today, users with an active Xero subscription can bring their financial data directly into their Claude conversations to solve immediate business challenges and provide financial clarity without switching tools. The insights generated in Claude link back to Xero for customers to take action, such as reviewing the full report, contact record or invoice detail. By providing live data from Xero rather than a static export, users can uncover strategic financial insights and reporting in areas like:

  • Revenue and profit: Uncover total earnings, if profit is up or down and how performance compares over time
  • Contacts and receivables: Discover outstanding payments, overdue invoices, and which customers contribute the most revenue
  • Financial position and cash position: Get a snapshot of business health by viewing assets, liabilities, and cash flow position

In line with Xero’s responsible data use commitments, data responsibility is foundational to the partnership. Financial data shared between the platforms is used solely for the user’s specific session — proprietary business data is never used to train Claude’s AI models.

This live integration further extends the power of Xero OS by delivering customers a trusted financial system for the agentic era and is underpinned by Xero’s commitment to providing AI experiences grounded in Accountable Intelligence. To learn more about how to leverage Xero within Claude, visit: xero.com/campaign/claude-connector

Guest Post: Canvas paid hackers – but the student data questions are just beginning

Posted in Commentary on May 13, 2026 by itnerd

By Stefanie Schappert

The Canvas attack shows how educational platforms have become critical infrastructure – and how paying off hackers still leaves major questions about whether student data is ever truly safe. 

Last week’s Canvas cyberattack led to a finals-week nightmare for thousands of students across North America, locking them out of exams, assignments, and coursework – all while putting them face-to-face with the notorious ShinyHunters ransomware gang – something most students would never have expected. 

With threats to release stolen data belonging to 275 million students and teachers tied to the e-learning platform, Canvas by Instructure announced over the weekend it paid off the seasoned hackers, alongside a “digital confirmation of data destruction” from ShinyHunters themselves. 

The undisclosed ransom demand was reportedly paid to ShinyHunters as part of an agreement intended to prevent an imminent leak affecting schools, from kindergarten classrooms to universities worldwide. 

But now the breach is becoming something much bigger: a test of whether the more than 8,000 schools caught up in the hack can trust a hacker group’s word that stolen student data was actually destroyed.


Paying hackers does not erase the risk 

While it may have been enough to stop an immediate leak, it does not erase the larger problem – once student data is stolen, control is gone.

If we look back to the December 2024 breach of edtech software provider PowerSchool, the lesson apparently has not been learned.

After PowerSchool allegedly forked over a $60 million ransom demand, the 19-year-old attacker later turned to extorting the 15,000 North American school districts using the platform – despite earlier promises to delete the stolen data. 

Fast forward to the Canvas breach. The company says there is no evidence the stolen information was publicly leaked or retained after the payment agreement. 

Canvas revealed compromised data included full names, email addresses, student IDs, course and enrollment data, plus “billions of private messages” exchanged on the platform. 

And while passwords, Social Security numbers, financial information, grades, coursework submissions, and student files were not exposed, cyber experts say once student data falls into the hands of criminal actors, “the implications for identity theft, targeted social engineering, and even safeguarding are serious and long-lasting.”

Despite historical evidence that ransomware groups lie, students, parents, and schools are still being asked to accept that these cybercriminals will honor their end of the deal.

Criminal promises are still promises from criminals 

To be fair, there is a reason extortion groups sometimes do. ShinyHunters and groups like it operate for profit. Their entire business model depends on victims believing that payment can reduce damage, prevent leaks, or stop further extortion. 

If hackers routinely take the money and leak the data anyway, future victims have less incentive to pay.

In that sense, even criminal groups have a reputation to protect.

But that does not make their promises trustworthy. Data can be copied. Affiliates can retain files. Archives can resurface months later.

The PowerSchool breach already showed how difficult it is for schools and families to know whether stolen student information has truly disappeared after a cyber extortion incident.

That is why the Canvas case matters beyond a company apology and a single ransom agreement.

One platform, millions of students 

The attack also exposed how dependent modern schools have become on centralized cloud platforms to function at all. 

Canvas is no longer just a homework portal. For many schools, it is the classroom, gradebook, assignment tracker, messaging hub, exam platform, and student records pipeline all rolled into one.

When initial negotiations failed, ShinyHunters upped the ante, defacing Canvas login pages with threats and turning to targeting individual schools for extortion.

With the system down, frustrated students and teachers lost access to key classroom tools, while school officials scrambled to contain the damage, with some schools forced to cancel final exams altogether.

It is the same uncomfortable lesson seen in the infamous AWS and CrowdStrike disruptions from years past: when one widely used platform fails, entire industries can grind to a halt all at once.

The answer is not for schools to abandon cloud platforms altogether. That’s unrealistic. But cyber insiders have long warned that institutions need real backup plans before outages happen – not improvised workarounds after the systems have already been disabled.

Because when the world’s classrooms run on a single platform, a cyberattack is no longer just an IT problem – it becomes an education crisis. 

ABOUT THE EXPERT

Stefanie Schappert, a senior journalist at Cybernews, is an accomplished writer with an M.S. in cybersecurity, immersed in the security world since 2019. She has decade-plus experience in America’s #1 news market working for Fox News, Gannett, Blaze Media, Verizon Fios1, and NY1 News. With a strong focus on national security, data breaches, trending threats, hacker groups, global issues, and women in tech, she is also a commentator for live panels, podcasts, radio, and TV. She earned the ISC2 Certified in Cybersecurity (CC) certification as part of the initial CC pilot program, participated in numerous Capture-the-Flag (CTF) competitions, and took 3rd place in Temple University’s International Social Engineering Pen Testing Competition, sponsored by Google. She is a member of Women’s Society of Cyberjutsu (WSC) and Upsilon Pi Epsilon (UPE) International Honor Society for Computing and Information Disciplines.

Kind electricity – wâsikan kisewâtisiwin joins TELUS Sovereign AI Factory to power reconciliation with care

Posted in Commentary on May 13, 2026 by itnerd

Indigenous AI tech startup wâsikan kisewâtisiwin (wuh-see-gah-n key-su-wat-su-win) and TELUS have entered a partnership where TELUS becomes the startup’s first beta tester. The AI technology is designed to help improve education about Indigenous Peoples in Canada. Under the agreement, wâsikan kisewâtisiwin’s AI is hosted on and powered by the TELUS Sovereign AI Factory, which is Canada’s first fully sovereign facility.

The AI provides authenticated, Indigenous-informed guidance and education to users writing about and researching Indigenous Peoples in Canada. The benefits are mutual: more than 300 TELUS testers are participating in the formal pilot with access to the wâsikan kisewâtisiwin AI model within Fuel iX™, TELUS’ enterprise-grade generative AI platform. The feedback from TELUS is actively helping train and refine the technology while improving accuracy and usability for future users. In addition to the formal pilot, thousands of other TELUS team members have access to the tool.

The TELUS Sovereign AI Factory, in Rimouski, Quebec, opened in September 2025 and is recognized as Canada’s most powerful supercomputer on the prestigious global TOP500 list. Sovereign-by-Design, the facility is powered by over 99% renewable energy, uses natural cooling systems that reduce water consumption by more than 75% compared to conventional data centres, and ensures all AI computing is processed, stored and managed entirely within Canada.

Earlier this week, TELUS announced it will scale its Sovereign AI Factory network across three world-class facilities in British Columbia, delivering one of the world’s most powerful and sustainable AI infrastructure clusters – all built on Canadian soil. The first will open in Kamloops later this year, with the additional two in Vancouver set to open between 2026 and 2028. wâsikan kisewâtisiwin is also being made available through TELUS’ Fuel iX Platform – an innovative, enterprise-grade generative AI platform purpose-built to help organizations develop, manage and monitor Large Language Models (LLMs) and AI solutions securely and at scale.

wâsikan kisewâtisiwin anticipates their AI will be publicly available this fall and is currently accepting applications from organizations interested in investment and beta testing. For more information, please contact: tansi@wasikankisewatisiwin.ca.

Foxconn confirms cyberattack claimed by Nitrogen ransomware gang 

Posted in Commentary on May 13, 2026 by itnerd

Foxconn, the world’s largest electronics manufacturer, says some of its North American factories are now working to resume normal operations after a cyberattack by the Nitrogen ransomware operation earlier this week which stole 8 TB of data and more than 11 million documents.

Adrian Culley, Senior Sales Engineer, SafeBreach:

Adrian has extensive global cyber investigations experience, including technical roles at SafeBreach, Trellix, Palo Alto Networks, Norse, and the London Metropolitan Police Service. 

“The Foxconn incident is the latest reminder that the boundary between IT compromise and operational disruption has effectively disappeared. A ransomware crew using commodity techniques — malvertising, DLL sideloading, Cobalt Strike — was able to disrupt production at one of the world’s most sophisticated manufacturers and walk away claiming 8 TB of customer-sensitive technical data.

The Nitrogen group’s tradecraft is not novel. It is documented, mapped to MITRE ATT&CK, and within the capability of every mature security program to detect. The question every CISO should be asking this week is not “are we patched?” — it is “have we validated that our controls actually stop this chain, end to end, in our environment?”

This is the gap that Continuous Threat Exposure Management (CTEM) is designed to close, and that Adversarial Exposure Validation (AEV) — the validation layer of CTEM — exists to answer with evidence. Knowing you have an EDR is not the same as knowing it catches Nitrogen’s loader. Knowing you have backups is not the same as knowing your ESXi estate would survive an encryptor that, in Nitrogen’s case, destroys data even when the ransom is paid.

The lesson of Foxconn is not that ransomware is getting more sophisticated. It is that assumed security is no longer good enough. Validation is.”

Rebecca Moody, Head of Data Research at Comparitech:

“This attack highlights why manufacturers remain a key target for ransomware groups. Through this attack, Nitrogen not only caused disruption to certain Foxconn systems but also stole vast quantities of data (if the allegations of 8 TB of data theft are true). Therefore, Nitrogen has two chances of receiving a ransom — one for decrypting the systems and the other for deleting said stolen data.

Manufacturers might not always be in possession of vast quantities of personal data but they’ll often have data that, if leaked, could have a significant impact on their operations and/or clients. The fact that Foxconn works with such high-profile brands only works to add pressure to the company to pay the ransom to prevent said data from being published.

So far this year, hackers have claimed over 600 attacks on manufacturers with 55 companies confirming these attacks. Where figures are available, the median ransom across these attacks has been $400,000.”

Ransomware attacks are completely out of control at the moment. And nobody is safe given that even Foxconn isn’t safe. This is not a good situation and this needs to change and change quickly.

New Data Reveals Critical Gaps in IT Strategy for Canadian Businesses

Posted in Commentary on May 13, 2026 by itnerd

NOVIPRO today released the 10th edition of the IT Trends Report. Produced in partnership with Leger and IBM, this year’s report delivers not only the latest findings, but a unique 10-year perspective on how Canadian IT investment, priorities, and challenges have evolved in the last decade.

New this year, the report also includes data specific to three industries: finance, manufacturing, and healthcare. These industry spotlights provide additional insights into how IT decisions are enhancing or holding back these key sectors.

Key takeaways from this year’s report include:

  • Data Sovereignty – Made-in-Canada Control Is Now a Business Priority: 77% of Canadian organizations say data sovereignty is more critical today than it was two years ago, and 64% are actively taking steps to address it. As US–Canada trade tensions intensify, Canadian companies are asking a question they can no longer afford to ignore: where does our data actually live, and who has the keys?
  • Artificial Intelligence – From Pilot to Practice: 80% of organizations are actively using AI solutions, and more than half have moved beyond the pilot project stage. AI is now a business expectation, but one that requires strong training and governance practices.
  • Cybersecurity – Spending More with Less Protection: 93% of Canadian organizations have at least one security measure in place. Cyber insurance has exploded: adoption jumped from 27% to 60% in a single year – yet cybersecurity training for employees lags, governance frameworks remain underdeveloped, and executives lack alignment with their IT departments on what a modern cybersecurity strategy looks like.
  • IT Human Resources – At Crisis Levels: 91% of Canadian companies report facing at least one issue in IT human resources. Companies face consistent problems with hiring, training, and retaining staff. IT underpins everything we do in the modern age; a problem in IT human resources needs to be treated as an operational risk.

Mind the Gap: Bringing IT and Executives Together

The data makes one thing clear: the gap between IT leaders and the rest of the organization is holding companies back. When IT and business leaders aren’t aligned on costs, risks, and priorities, even the biggest technology investments fall short. The companies that truly integrate IT decision-making into corporate strategy will gain a competitive advantage, and will set the pace for those that follow.

The full 2026 IT Trends Report is available now and includes in-depth findings across industry verticals, company sizes, and regional breakdowns.

Download and explore the full IT Trends Report at it-trends.ca

About the NOVIPRO/Leger 2026 IT Trends Report
The data for the tenth edition of the IT Trends Report from NOVIPRO and Leger comes from an online survey conducted from January 21st to February 3rd 2026, which surveyed 452 Canadian business decision makers. The survey results are then analyzed with leading IT experts to transform the IT Trends Report into a comprehensive guide for strategic decisions in information technology.

Which Island Nations Are Most Vulnerable to Undersea Cable Attacks?

Posted in Commentary on May 13, 2026 by itnerd

This morning, Comparitech researchers published an analysis looking at all 48 island nations and their reliance on 126 undersea cables for access to the world’s internet.

These cables are often no thicker than a garden hose, leaving them vulnerable to damage. The International Cable Protection Committee (ICPC) says 150 to 200 faults are reported on undersea cables each year. Of those, 70 to 80 percent resulted from accidental human activities, primarily anchors from shipping vessels. The rest are technical failures or natural disasters.

To gauge which of the island nations are most at risk of being cut off by accident or design, Comparitech looked at the number of undersea cables connecting them, the level of fishing activity that could cause accidental damage, and their proximity to conflict areas that could result in malicious damage.

New Zealand saw the least risk, while Brunei, Bahrain, Dominica, and Haiti were found to be at most risk. In terms of population, cable damage in Haiti would have the most significant impact due to the island’s 11.6 million population. 

The full study can be read here: https://www.comparitech.com/news/cut-off-which-island-nations-are-most-vulnerable-to-undersea-cable-attacks/

SIOS Technology Announces Reseller Partnership with Vaske

Posted in Commentary on May 13, 2026 by itnerd

SIOS Technology today announced a new reseller partnership with Vaske (Vaske Computer, Inc), an IT services and consulting firm headquartered in St. Paul, Minnesota. Through this agreement, Vaske will resell SIOS high availability and disaster recovery solutions along with related professional services to customers nationwide across the United States.

SIOS delivers innovative high availability and disaster recovery solutions that protect critical applications from downtime and data loss. SIOS LifeKeeper provides automated failover clustering to ensure continuous operation of essential applications, while SIOS DataKeeper offers real-time replication for high availability and disaster recovery across cloud, hybrid, and on-premises environments. Together, these solutions enable organizations to maintain uptime, protect data integrity, and ensure seamless business continuity.

Vaske specializes in Oracle-centric consulting and enterprise data environments, with deep expertise spanning cloud infrastructure, AI deployment, and enterprise managed services. The company supports customers across both project-based engagements and ongoing enterprise managed services, helping organizations maintain performance, availability, and security in complex hybrid IT environments.

As Vaske celebrates more than three decades in business, the partnership underscores its continued commitment to delivering reliable, enterprise-grade IT solutions.

For more information about SIOS Technology and its high availability solutions, visit www.us.sios.com. To learn more about Vaske, visit https://vaske-it.com/.

Spendflo Launches Flo AI: An Autonomous Procurement Workforce for Mid-Market Companies

Posted in Commentary on May 13, 2026 by itnerd

Spendflo has launched Flo AI, an autonomous procurement workforce designed for mid-market companies. Flo AI runs the complete procurement lifecycle: intake, approvals, vendor management, contract review, and accounts payable, as a single connected system. It does not assist procurement teams. It acts on their behalf.

Most companies at this stage run procurement with a small team, often one to five people, managing a volume of requests, renewals, and vendor relationships that a larger operation would handle with a dedicated department. Flo AI was built for exactly this: giving lean procurement functions the capacity to operate at a speed and scale that was previously out of reach.

Three agents. One connected system.

Flo is made up of three purpose-built agents, each covering a distinct phase of the procurement lifecycle.

  • Flo Procure handles every purchase request from first submission to approved purchase order. It routes requests, checks budget and policy, collects vendor documentation, and drives approval workflows to completion. Requests no longer wait on a procurement manager to coordinate them through the process.
  • Flo Contracts reads, redlines, and tracks vendor agreements. It surfaces non-standard clauses, extracts key commercial terms, and flags upcoming renewals before they slip through. Every contract processed through Spendflo informs how Flo Contracts handles the next one.
  • Flo AP (Accounts Payable) matches incoming invoices against purchase orders and contracts, routes exceptions for human review, and processes payment. Because Flo AP shares context with Flo Procure and Flo Contracts, it verifies invoices against what was actually agreed at sourcing, not just what the vendor submitted.

The three agents work as one system. Context carries forward at every stage. What Flo Procure learns about a vendor informs how Flo Contracts reads their agreement. What Flo Contracts extracts from the agreement informs how Flo AP handles the invoice. This continuity is what separates Flo from the point solutions most procurement teams are stitching together today.

The problem Flo AI was built to solve

Mid-market companies face a specific procurement challenge. They have outgrown informal processes but have not yet built the procurement infrastructure that larger organisations rely on. The gap is filled by small teams doing high volumes of manual work: chasing approvals, reconciling invoices, managing renewals, and fielding requests from across the business.

The tools available to them have not kept up. Most procurement software was designed either for large enterprise deployments with dedicated implementation teams, or for early-stage companies with simpler needs. Point solutions for intake, contracts, and accounts payable exist in abundance. What has been missing is a system that connects them, one that carries the context of a purchase request all the way through to the payment that closes it.

Flo was built on that full context from the ground up. Since founding, Spendflo has processed more than $3.2 billion in total spend across invoices, purchase orders, and contracts on its platform. That data informs how Flo categorises spend, identifies exceptions, and understands what efficient procurement looks like across different industries and company sizes.

The rise of the procurement engineer

With this launch, Spendflo is introducing a new role it believes will define the next generation of procurement operations: the procurement engineer.

The procurement engineer is not a coordinator. They do not spend their days chasing approvals, tracking down documents, or manually reconciling invoices. They configure and orchestrate an AI agent workforce to run procurement operations end to end. They design the workflows Flo executes. They own the vendor strategy Flo acts on. They set the policies Flo enforces. Their time goes to the work that requires human judgment: negotiations, vendor relationships, commercial strategy, and the systems thinking that makes procurement a lever for the business rather than a cost centre behind it.

This is a structural shift in what procurement functions look like. Most procurement teams today are built around coordination and process management. People spend the majority of their time moving information between systems and stakeholders. As AI agents take over that operational layer, the procurement function reorganises around a smaller, more senior profile: one person with strong commercial instincts and deep systems thinking, running an agent workforce that executes on their behalf.

The analogy is the GTM engineer, a role that emerged when revenue teams realised that configuring and orchestrating go-to-market tooling required a distinct skill set closer to systems design than sales execution. Procurement is undergoing the same shift. The procurement engineer is the person who makes Flo smarter and more precisely tuned to their organisation over time. They are not replaced by AI. They are the ones who run it.

For mid-market companies, lean procurement is not a constraint. It is the operating model. One procurement engineer orchestrating an agent workforce will run procurement with more speed, more intelligence, and more commercial impact than a headcount-heavy team running manual processes.

Availability

Flo is available now. It is designed for mid-market companies between $50 million and $1 billion in revenue, and connects to existing ERP, finance, and contract infrastructure without requiring organisations to replace current systems.

To see Flo in action: https://www.spendflo.com/

May Patch Tuesday Commentary From Fortra

Posted in Commentary on May 12, 2026 by itnerd

By Tyler Reguly, Associate Director, Security R&D, Fortra

Microsoft decided to welcome May with 137 vulnerabilities (not to mention the 128 Edge CVEs) and the content couldn’t be more varied. We have all the usual suspects as well as a few rarely seen items like Microsoft Data Formulator and Data Deduplication, which I don’t believe I’ve ever seen mentioned before. I think, this month, the interesting thing to talk about is the numbers. AI-related vulnerabilities are hard to ignore this month with 7 CVEs referencing Copilot plus Azure AI Foundry appearing as well; that is sure to get some attention. There are also 13 vulnerabilities that Microsoft is reporting as ‘no customer action required’. This means that they’ve already been mitigated and/or resolved by Microsoft and they’re raising them for informational purposes. Finally, we have 14 vulnerabilities (some overlap exists with the other two counts) that are in cloud or cloud-adjacent applications. Depending on how heavily you rely on the Azure ecosystem, you may have a lot of digging around to do this month.

Interestingly, the CVEs that stood out to me the most are in the no customer action required bucket. CVEs like CVE-2026-33109, a remote code execution vulnerability in Azure Managed Instances for Apache Cassandra, and CVE-2026-33823, Microsoft Team Events Portal Information Disclosure Vulnerability. Since these have both been resolved by Microsoft, there’s no action to take; otherwise these would be the CVEs that I’d be discussing this month.

If I were the CSO and looking at this patch drop, there would be two questions on my mind.

  1. Are we aware of all our uses of AI?
    1. ~6% of the CVEs this month were AI based and we know that number is only going to grow from here. What other instances of AI might be in use in your organization that are not backed by a company with a regular update schedule like Microsoft?
  2. Do we use Confluence or Jira with SSO Integration?
    1. CVE-2026-41103 is an elevation of privilege in the Microsoft SSO Plugin for both Confluence and Jira. This is common software, deployed at a lot of organizations, and I suspect that most organizations have it tied to their Microsoft SSO.
    2. The interesting thing here is that the individuals responsible for Confluence and Jira may not be the same individuals responsible for Microsoft products, so the crossover that this vulnerability entails may cause it to be entirely overlooked, so definitely stay on top of your teams with this one.