From a HubSpot U-turn to the first documented case of a fully autonomous ransomware operation by AI agents, here are extracts from this week’s most popular news stories.
“We Made a Mistake” – HubSpot Reverses Customer Data Enrichment Plan
Last week, HubSpot updated its terms of service to allow enrichment data to be shared across customer accounts.
The policy covered business contact details, employer information, and email deliverability signals.
However, the most consequential aspect of the CRM giant’s move was the decision to set opt-out as the default setting, meaning customers were automatically enrolled unless they manually took action to remove themselves.
Just four days later, the company had scrapped the plan entirely.
The backlash was loud and fast. Most of it played out on LinkedIn, where CRM users, sales leaders, and RevOps professionals made their frustrations clear.
Brent Leary, a Partner at CRM Essentials, summed up much of the indignation in his succinct response to the news:
“Damn… What was HubSpot thinking with this.”
Caitlin O. Bigelow, CMO at Blazel, was more detailed in her condemnation of HubSpot’s decision, claiming that the company had “truly lost their way,” and she was cutting ties after 15 years as a customer (Read more…).
First Fully Autonomous AI Ransomware Campaign Raises the Stakes for Enterprise Cybersecurity
Cybersecurity researchers have identified the first documented case of a fully autonomous ransomware operation by AI agents, marking what could become a significant turning point for enterprise cyber resilience.
According to cloud cybersecurity firm Sysdig’s Threat Research Team (TRT), an AI-powered threat actor it has named JADEPUFFER conducted an end-to-end ransomware campaign without evidence of direct human intervention during the attack. Rather than relying on a traditional operator manually directing each stage, the campaign used a large language model (LLM) to execute reconnaissance, credential theft, lateral movement, persistence, privilege escalation and ransomware deployment.
The attack exploited CVE-2025-3248, a remote code execution vulnerability affecting Langflow, an open-source framework used to build LLM-powered applications and AI workflows. From an exposed Langflow instance, the agent moved through the victim’s environment before targeting a production database server. As Michael Clark, Director of Threat Research at Sysdig, explained in a blog post:
“JADEPUFFER is considered an agentic threat actor (ATA), or an operator whose attack capability is delivered by an AI agent rather than a human-driven toolkit.”
For customer-facing organizations increasingly embedding AI into digital experiences, the incident indicates that AI infrastructure is becoming a new attack surface while attackers themselves are beginning to use AI as an autonomous operator (Read more…).
Microsoft Just Put Agentic AI Inside Every Sales and Service Conversation
Microsoft has announced a wave of agentic capabilities across Microsoft 365 Copilot and Dynamics 365
The release includes the general availability of Sales Agent and Service Agent – two AI agents designed to operate inside the tools sales and service teams already use, rather than requiring parallel systems or new workflows.
The announcement, published on 7 July 2026 by Deva Rajamohan, Corporate Vice President of Dynamics 365 Customer Experience, frames the move as a response to a fundamental shift in customer expectations – one that the company argues can no longer be met by humans working alone:
“Agentic AI resets the equation. Rather than adding another tool to manage, it brings intelligence directly into the flow of work – helping teams use trusted data, surface relevant context, and move work forward with greater confidence, while freeing your people to do what only people can: build trust.”
Sales Agent and Service Agent are now generally available inside Microsoft 365 Copilot, Outlook, Teams, and Dynamics 365. Both are powered by ‘Work IQ’ and grounded in live Dynamics 365 CRM data via a model context protocol (MCP) foundation (Read more…).
Frontier AI Is Getting More Powerful But CX May Need an Uber, Not a Boeing
OpenAI has launched three versions of its ChatGPT 5.6 frontier AI model: Sol, the flagship model; Terra, which is balanced for everyday work; and Luna, a fast and affordable variant.
The release, following closely behind Anthropic’s Fable 5, has sharpened an increasingly important question for customer experience leaders around whether enterprises should keep chasing the most powerful frontier large language models (LLMs), or focus on models that are smaller, cheaper, more controllable, and better aligned to specific CX workflows.
The answer appears to be both, but not for the same jobs.
Frontier models are advancing quickly, and their reasoning, multimodal capabilities, coding performance and agentic potential continue to stretch what enterprises believe AI systems can do. For CX operations, that raises the prospect of more sophisticated virtual agents, richer knowledge retrieval, better personalization and AI systems capable of handling complex, multi-step customer journeys.
Yet the practical reality inside many contact centers is that much of customer service does not require the most powerful model available. It requires fast, reliable, compliant execution of repeatable tasks from classifying intent to summarizing conversations, retrieving policy information, checking answers against approved knowledge, routing cases, detecting sentiment and escalating when needed.
For those use cases, a smaller language model that has been specifically trained or tuned for a particular workflow or customer service domain may be not only sufficient, but more effective (Read more…).