Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.

Operationally this week the understand and implications of the Exchange online compromise continues. Details such as the U.S. Ambassador to China Hacked in China-Linked Spying Operation came to light, then we had the letter from Ron Wyden to CISA. Beyond that we have the MobileIron vulnerability which was used to attack the Norwegian Government - 12 ministries thus far. This is in addition to the Citrix exploitation (see below). Finally, VirusTotal apologized for leaking some customer information.

In the high-level this week:

• FACT SHEET: Biden-Harris Administration Secures Voluntary Commitments from Leading Artificial Intelligence Companies to Manage the Risks Posed by AI - The companies commit to internal and external security testing of their AI systems before their release. This testing, which will be carried out in part by independent ex…