threat-management

Iranian threat group targets US aviation sector with AI-assisted ‘MiniFast’ backdoor

• threat-intelligence
• threat-management

Iranian threat group targets US aviation sector with AI-assisted ‘MiniFast’ backdoor

Laura French May 27, 2026

Career-themed phishing lures targeted employees of US domestic airlines during Operation Epic Fury.

Read More Read more about Iranian threat group targets US aviation sector with AI-assisted ‘MiniFast’ backdoor

Fighting fire with fire: Defending against Mythos-powered cyberattacks

• aiml
• threat-management
• vulnerability-management

Fighting fire with fire: Defending against Mythos-powered cyberattacks

Paul Wagenseil May 12, 2026

How AI-powered exposure management reduces the opportunities AI-powered attackers depend on.

Read More Read more about Fighting fire with fire: Defending against Mythos-powered cyberattacks

Why we need a ‘zero-trust for code’ behavioral approach to secure software

• ai-benefitsrisks
• malware
• threat-management

Why we need a ‘zero-trust for code’ behavioral approach to secure software

Ken Ammon May 11, 2026

AI has broken down the old model for classifying code – here’s how a behavioral approach makes...

Read More Read more about Why we need a ‘zero-trust for code’ behavioral approach to secure software

Iranian threat group used Chaos ransomware as a ‘false flag,’ researchers say

• malware
• ransomware
• threat-intelligence
• threat-management

Iranian threat group used Chaos ransomware as a ‘false flag,’ researchers say

Laura French May 7, 2026

The purported ransomware attack did not encrypt files and used infrastructure tied to MuddyWater.

Read More Read more about Iranian threat group used Chaos ransomware as a ‘false flag,’ researchers say

CloudZ RAT plugin targets Windows Phone Link for possible OTP theft

• identity
• malware
• ssomfa
• threat-intelligence
• threat-management

CloudZ RAT plugin targets Windows Phone Link for possible OTP theft

Laura French May 6, 2026

The Pheno plugin monitors active Phone Link connections to eavesdrop on texts and notifications.

Read More Read more about CloudZ RAT plugin targets Windows Phone Link for possible OTP theft

Post Quantum Migration Struggles, AI Threats, and Modern Defenses – Bobby Ford, HD Moore, Eyal Benishti, Ramin Farassat, Daniel dos Santos – ESW #457

• Encryption
• phishing
• threat-management

Post Quantum Migration Struggles, AI Threats, and Modern Defenses – Bobby Ford, HD Moore, Eyal Benishti, Ramin Farassat, Daniel dos Santos – ESW #457

Adrian Sanabria May 4, 2026

Read More Read more about Post Quantum Migration Struggles, AI Threats, and Modern Defenses – Bobby Ford, HD Moore, Eyal Benishti, Ramin Farassat, Daniel dos Santos – ESW #457

Microsoft: QR code, CAPTCHA-gated phishing more than double in Q1 2026

• phishing
• threat-intelligence
• threat-management

Microsoft: QR code, CAPTCHA-gated phishing more than double in Q1 2026

Laura French May 1, 2026

The company detected about 8.3 billion email-based phishing threats between January and March.

Read More Read more about Microsoft: QR code, CAPTCHA-gated phishing more than double in Q1 2026

How to make CTEM operational versus aspirational

• threat-management

How to make CTEM operational versus aspirational

David Balaban April 29, 2026

Here’s seven ways to get the most out of CTEM.

Read More Read more about How to make CTEM operational versus aspirational

GlassWorm attackers activate new ‘sleeper’ extensions on Open VSX

• application-security
• malware
• ransomware
• supply-chain
• threat-intelligence
• threat-management

GlassWorm attackers activate new ‘sleeper’ extensions on Open VSX

Laura French April 28, 2026

A new cluster of 73 extensions impersonating legitimate projects has been tied to the GlassWorm campaign.

Read More Read more about GlassWorm attackers activate new ‘sleeper’ extensions on Open VSX

Medtronic says cyberattack did not disrupt its operations

• threat-intelligence
• threat-management

Medtronic says cyberattack did not disrupt its operations

Steve Zurier April 27, 2026

Attack raised concerns because it was second one on a major medical device maker since the Iran...

Read More Read more about Medtronic says cyberattack did not disrupt its operations