In 2018, Justin Goff, then a solutions architect at a medical equipment distributor, often sat at his desk working away on a SQL database, maybe with one standup call on the calendar.

When Goff learned that his company had hired a firm to redo the UX of its e-commerce site, he thought the planners had underestimated the project’s required data-migration tasks, including how back-end systems functioned in a revamped, multi-site context. And he saw an opportunity.

“I made this massive project plan draft and outlined the full end-to-end spectrum on how I thought it should go,” Goff told IT Brew of his phased strategy, which included cloning three legacy databases in a staging environment. “I presented it to my project manager and the director of marketing at the time in a meeting with the dev team there as well.”

Goff would end up presenting his plan to the CEO and other leaders, complete with printouts and language that he felt was tailored to the executives.

How to put yourself out there.—BH

Malicious actors are spicing up their phishing campaigns with bait designed to play off employees’ fears of violating their companies’ codes of conduct, according to the Microsoft Defender Research team.

In a May 4 blog post, Microsoft described the ploy as a multi-step “large-scale credential theft campaign” that uses “polished, enterprise-style HTML templates” to deceive users.

Over the course of two days in mid-April, 35,000 users from 26 countries were targeted by the phishing campaign, which Microsoft said relies on “concerning accusations and repeated time-bound action prompts” to create a sense of urgency. Nine in 10 (92%) of these users were based in the US, and worked in several industries, including retail, technology, and healthcare.

The TL;DR on the campaign. Microsoft said observed emails in the phishing campaign were sent using genuine email delivery services and subject lines like, “Internal case log issued under conduct policy.” If that wasn’t convincing enough, campaign emails also contained:

Are there plenty of phish in the sea?—BM

Are software companies like Oracle and Salesforce headed for the trash icon of history?

Investors have been dumping their stocks in software-as-a-service (SaaS) companies since late January, with one trader (and dozens of headlines) dubbing it the “SaaS-pocalypse.” So, while time will tell whether the end is actually nigh, change is in the air. And like seemingly all things business-related in 2026, that change is predicated on some form of AI.

The prevailing theory behind the sell-offs seems to be that sophisticated workplace agents as well as new coding tools from Anthropic and OpenAI could make this sort of business software model obsolete. If an IT team can easily “vibe code” internal software or assign tasks to role-specific plug-ins within Claude Cowork, do they still need expensive pay-per-seat platform subscriptions?

Anthropology, here.—PK

CollabWORK connects you to the hidden job market through IT Brew and other trusted channels. Browse roles curated specifically for this community by clicking through to the job board.