In partnership with

🔍 How MSPs Turn Noisy Logs into Business Insights

Most small businesses are drowning in unused data and underused BI tools, and MSPs are perfectly positioned to turn that into a billable “insights” service rather than just shipping log reports. Framing this as “data as a service” lets you move up‑stack from technical reporting to recurring, board‑level guidance about where to spend the next dollar of IT budget…

Stop babysitting dashboards. Ship from Slack. Touch grass.

700+ teams have Viktor reading their Google Ads every morning.

Your media team opens Slack at 8am. There's a cross-platform brief in #growth: Google Ads spend vs. ROAS, Meta CPA by campaign, Stripe revenue by channel. Viktor posted it at 6am. Nobody asked for it.

Last week, one team's Viktor caught a spend spike at 2am on a broad match campaign and flagged it in Slack: "CPA up 340%. Recommend pausing and shifting budget to the top two performers." That would have burned $3K by morning. The media buyer woke up to a problem already handled.

Your strategist reviews spend trends. Your account manager checks revenue attribution. Same Slack channel, same colleague, before anyone's first coffee.

Google Ads, Meta, Stripe. One message. No Looker, no Data Studio. Anomaly detection runs around the clock. Cross-platform reporting runs on autopilot.

5,700+ teams. SOC 2 certified. Your data never trains models.

"Viktor is now an integral team member, and after weeks of use we still feel we haven't uncovered the full potential." — Patrick O'Doherty, Director, Yarra Web

Start free. $100 in credits →

⚠️ Threat Updates

🔴 Kali365: FBI Warns of Sophisticated Microsoft 365 Phishing Kit (05/27/26)

The FBI has issued an alert about “Kali365,” a phishing‑as‑a‑service kit that lets threat actors rapidly spin up highly convincing Microsoft 365 credential‑harvesting pages by abusing compromised WordPress sites, mimicking organization‑specific branding, and chaining multiple redirector domains to evade reputation‑based defenses, enabling campaigns where victims receive seemingly legitimate M365 or document‑sharing emails that funnel them through cloaked redirect infrastructure to a fake Microsoft login page which captures credentials and often MFA tokens for immediate account takeover — meaning organizations relying heavily on Microsoft 365 for email and collaboration should assume these kits will bypass basic secure email gateways and URL filters, and should accelerate phishing‑resistant authentication, conditional access policies, and continuous monitoring for anomalous sign‑ins while pushing targeted user awareness on “perfect‑looking” Microsoft prompts and suspicious login pages, plus proactive blocking of known Kali365 infrastructure in web and email security controls. » More Info

🔴 Fake Gemini & Claude Code Sites Drop Fileless Infostealers via SEO Poisoning (05/21/26)

Researchers have uncovered an SEO‑poisoning campaign in which threat actors stand up fake websites impersonating Google Gemini’s CLI and Anthropic’s Claude Code, then rank them above legitimate documentation so developers searching for install instructions are funneled to typosquatted domains that display cloned docs and a single “copy‑paste this PowerShell command” step, which—instead of just installing the tools—executes a fileless Windows infostealer entirely in memory that disables AMSI/ETW, quietly installs the real Gemini/Claude utilities to look benign, and then harvests browser credentials, session cookies, VPN configs, cloud‑synced files, collaboration app tokens (Slack, Teams, Discord, etc.), crypto wallets, and other sensitive data before exfiltrating it in encrypted form to attacker C2 infrastructure. » More Info

🗨️ Parting Words

“The road to success is dotted with many tempting parking spaces.” — Will Rogers

Are you a vCISO or MSP looking to operationalize security programs? Let’s discuss how Blacksmith Infosec proves that compliance is an opportunity, not a struggle that has to be packaged in FUD!