by CPI Staff | Apr 21, 2026 | Blog, Cybersecurity, Essential 8, Windows Server
Patch deployment failures are not supposed to become operational incidents. But that is exactly what many IT teams were forced to confront after Microsoft’s April 2026 Windows Server security updates triggered installation failures on some Windows Server 2025...
by CPI Staff | Apr 18, 2026 | AI Governance & Risk Management, Blog, Essential 8, Microsoft 365, Microsoft 365 Security, Microsoft Purview
Microsoft’s Deep Research in Copilot for Microsoft 365 has already reshaped how knowledge workers produce long-form analysis. Teams that used to spend days pulling together market scans, risk reviews, and competitive briefings now have a drafting partner that...
by CPI Staff | Apr 18, 2026 | AI Coding Agents, AI Governance & Risk Management, Blog, Codex, Essential 8, OpenAI
OpenAI Codex has quietly crossed a line that most CIOs haven’t fully registered yet. It’s no longer a code completion tool. It’s a cloud-based software engineering agent that can read a repository, run tests, fix bugs, write features, and open pull...
by CPI Staff | Apr 12, 2026 | AI Governance & Risk Management, Blog, Cybersecurity, Essential 8, Software Supply Chain Security
When a North Korean state actor compromised the Axios npm package on March 31, 2026, the blast radius did not stop at developer laptops. It reached OpenAI’s macOS code-signing pipeline — the system that certifies ChatGPT Desktop, Codex, Codex CLI, and Atlas as...
by CPI Staff | Apr 2, 2026 | Application Development, Blog, Cybersecurity, Essential 8
Most organisations still treat dependency management as a developer hygiene issue. The Axios npm compromise shows that assumption is now dangerous. When two malicious Axios versions were published on March 31, 2026, the problem was not limited to a bad package update....
by CPI Staff | Apr 2, 2026 | AI, AI Coding Agents, Anthropic, Blog, Claude Code, Cybersecurity, Essential 8
The immediate story was easy to misunderstand. On April 1-2 2026, Anthropic confirmed that a Claude Code release packaging issue was caused by human error, not a security breach. Anthropic also said no customer data or credentials were exposed. That matters. But the...
