🔴 A Roblox cheat mod just caused a major cloud breach. Yes, really

This broke over the weekend and it’s still developing.

Vercel, one of the biggest cloud hosting platforms used by developers worldwide, confirmed a security breach after attackers used malware that originated from a Roblox cheat mod to compromise a third-party AI tool called Context AI. cyberscoop

Here’s the chain: someone at Context AI accidentally downloaded dodgy software. That gave attackers access to Context AI’s Google Workspace OAuth app. One of Vercel’s employees had connected that app to their corporate Google account, which gave attackers a route into some of Vercel’s internal systems… including customer credentials that weren’t encrypted. TechCrunch

Vercel says the breach may affect hundreds of users across many organisations, and has warned of potential downstream breaches spanning the tech industry.

Why does this matter to you? Because this is the playbook now. Attackers aren’t breaking down the front door. They’re slipping through the staff entrance via a trusted third-party app that nobody was watching. OAuth integrations, AI tools, connected apps… any of them can become the weak link, in your stack or your clients’. Worth a conversation with your clients about what third-party apps have access to their systems, right?

🟡 $8m crypto thief pleads guilty

Some good news from the courts on Friday.

Tyler Robert Buchanan, 24, from Dundee, Scotland, pleaded guilty in California to conspiracy to commit wire fraud and aggravated identity theft, admitting to stealing at least $8 million in cryptocurrency. He’s considered a key figure in the Scattered Spider hacking collective. The Register

Scattered Spider is the group responsible for the MGM Resorts hack, the Caesars Entertainment breach, attacks on UK retailers including Marks and Spencer and Co-op, and dozens of others. Their method was unsophisticated but devastatingly effective: SMS phishing that impersonated IT helpdesks to steal credentials.

The group has continued operating under the name Scattered LAPSUS$ Hunters. IT Pro

The real takeaway for your clients: this group’s entire operation ran on fake IT helpdesk texts. Basic security awareness training could have stopped most of it.

🟢 Microsoft just created a new upsell opportunity… and it opens in 10 days

If you’ve got clients on Microsoft 365 E3 or E5, pay attention because there’s money on the table here.

Microsoft 365 E7, their new “Frontier Suite”, goes live on 1 May 2026. It bundles M365 E5, Microsoft Copilot, the Entra Suite for identity management, and Agent 365, Microsoft’s platform for deploying and governing AI agents across an organisation. Microsoft Learn

The price is $99 per user per month.

Microsoft is telling partners to start positioning E7 with customers now, ahead of the launch, and prepare order workflows in advance of transactability. In other words, they want you having the conversation this week, not next month.

Partners who push E7 and Agent 365 earn higher incentive rates than standard E3/E5 deals on the same customer. Aicloudpartners.

So if you’re already quoting Microsoft renewals, it’s worth at least raising the conversation.

The honest take: E7 is primarily an enterprise play. But for any client who’s been asking about AI and is already on E5, this is the structured answer Microsoft has been building toward. Better to be the one who introduces it than have them hear about it from someone else.

That's your MSP Minute for Tuesday. We’ll be back in your inbox tomorrow morning.

Get this MSP marketing planner on your wall - completely FREE

The MSP Minute is curated by the team at the MSP Marketing Edge… and they’ve got a useful freebie for you as well.

It’s a physical wall planner showing you a route to improve your marketing. Discover 36 smart marketing actions to go from zero leads to new clients.

This is NOT a digital download. Fill in the form here to have a wall planner sent to you… there are no shipping or postage costs, you don’t have to enter a credit card, and we’re not trying to get you to start a subscription or anything like that. No catches. Pinky promise.