
Important International Frameworks for Global MSPs + Ransomware-Ready Compliance

IT channel and business news with a focus on regulatory compliance.

✅ What US-Only MSPs Need to Know About Global Frameworks

Most managed service providers do not set out to become international compliance experts. Yet many already support clients with Canadian customers, UK subsidiaries, Australian operations, or financial-sector ties that bring unfamiliar regulatory frameworks into ordinary security conversations. What looks like a local MSP business can quickly become a cross-border risk problem when a prospect’s questionnaire asks about PIPEDA, Cyber Essentials, Essential 8, or financial oversight regimes like FINRA and SEBI…

⏱️ How MSPs Turn Framework Jargon into Revenue and Risk Reduction

Buyers no longer accept “we do security” as an answer. They’re asking how security is implemented, whether it maps to recognizable frameworks, and if it is robust enough to satisfy insurers, auditors, and regulators when ransomware hits. This article walks through how to design a ransomware-ready stack that you can both operate and prove — so it becomes a core, high-margin MSP offering rather than a fuzzy promise…

⚠️ Threat Updates

🔴 Trapdoor: 455 Malicious Android Apps Drove 659M Fake Ad Requests a Day (05/18/26)

HUMAN’s Satori team has exposed “Trapdoor,” a self‑sustaining Android ad fraud and malvertising pipeline. Users install seemingly harmless utility apps (like PDF viewers or cleanup tools), which then push deceptive “update” pop‑ups to coerce them into installing second‑stage apps. Those second‑stage apps silently launch hidden WebViews, load threat‑actor HTML5 domains, and generate up to 659 million ad bid requests per day from a network of 455 malicious apps and 183 C2 domains. The fraud loop primarily hit U.S. traffic and weaponized mobile marketing attribution tools so that malicious behavior triggered only for ad‑driven installs. Organizations with unmanaged Android fleets or weak mobile app controls should urgently tighten mobile device governance, restrict sideloading and non‑essential utilities, and use MDM plus DNS/HTTP controls to block known Trapdoor apps and cashout domains before this monetization infrastructure is repurposed for more destructive campaigns.

🔴 GitHub: Internal Repos Breached via Malicious VS Code Extension (05/20/26)

GitHub is investigating a breach in which threat actor “TeamPCP” used a malicious Visual Studio Code extension on an employee workstation to exfiltrate roughly 3,800–4,000 internal repositories, later offering GitHub source code and internal org data for sale on a cybercrime forum. The company says it currently has no evidence that customer organizations or repositories were accessed. However, this same actor is actively weaponizing stolen secrets in a live supply‑chain campaign (including backdoored PyPI packages like durabletask 1.4.1–1.4.3). MSPs and software teams should immediately harden developer endpoints and extensions, audit and rotate GitHub/PyPI credentials, and lock or upgrade Python dependencies away from compromised versions. Treat IDE plugins and package ecosystems as high‑risk attack surfaces rather than trusted plumbing, especially in any environment that leans heavily on GitHub, VS Code, and Python-based workflows.
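
One way to act on the "lock or upgrade" advice above is to audit requirements files for the durabletask versions the brief names. The script below is an added example, not code from GitHub, PyPI, or the newsletter's authors. It assumes `requirements.txt`-style input and a simplified subset of version specifiers (numeric release segments only); the `audit` function and the sample file are hypothetical.

```python
import re

PACKAGE = "durabletask"
# Versions the brief above names as backdoored (1.4.1-1.4.3).
BAD = [(1, 4, 1), (1, 4, 2), (1, 4, 3)]

REQ = re.compile(r"^\s*([A-Za-z0-9._-]+)\s*(?:\[[^\]]*\])?\s*([^;#]*)")
CLAUSE = re.compile(r"(===|==|~=|!=|>=|<=|>|<)\s*([0-9]+(?:\.[0-9]+)*)(\.\*)?")

def _allows(op, spec, wild, cand):
    """True if one specifier clause admits the candidate version tuple."""
    parts = tuple(int(p) for p in spec.split("."))
    if wild:  # "==1.4.*" or "!=1.4.*": prefix match
        return (cand[:len(parts)] == parts) == (op != "!=")
    v = parts + (0,) * (3 - len(parts))
    if op == "~=":  # compatible release: >= v, same prefix minus last segment
        return cand >= v and cand[:len(parts) - 1] == parts[:-1]
    return {"==": cand == v, "===": cand == v, "!=": cand != v,
            ">=": cand >= v, "<=": cand <= v, ">": cand > v, "<": cand < v}[op]

def audit(text):
    """Return (line_no, requirement, verdict) for each at-risk durabletask line."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        m = REQ.match(raw)
        if not m or re.sub(r"[-_.]+", "-", m.group(1)).lower() != PACKAGE:
            continue
        clauses = CLAUSE.findall(m.group(2))
        # No clauses at all means unconstrained, which admits every version.
        if not any(all(_allows(*c, bad) for c in clauses) for bad in BAD):
            continue
        pinned = any(op in ("==", "===") and not w for op, _, w in clauses)
        findings.append((no, raw.strip(),
                         "compromised-pin" if pinned else "range-allows-compromised"))
    return findings

# Constructed requirements file for illustration; not taken from any real project.
SAMPLE = """\
examplepkg==2.0.0
durabletask==1.4.2
Durabletask>=1.3,<2
durabletask==1.4.0
durabletask~=1.4.4
durabletask!=1.4.1,!=1.4.2,!=1.4.3
durabletask==1.4.*
"""

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

A `range-allows-compromised` verdict means the resolver could have selected an affected release, so the installed version and lock file still need checking on each affected machine.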

🗨️ Parting Words

“Every day I get up and look through the Forbes list of the richest people in America. If I’m not there, I go to work.” — Robert Orben

Find the Blacksmith Team… on demand with Get NIST-y on Spotify!

Are you a vCISO or MSP looking to operationalize security programs? Let’s discuss how Blacksmith Infosec proves that compliance is an opportunity, not a struggle that has to be packaged in FUD!