In this week's brief:

• Supply chain fallout intensifies: TeamPCP's Trivy compromise led to 340 GB stolen from the European Commission, Claude Code's accidental leak became a malware delivery vehicle, and Fortinet is patching its second critical zero-day in days.
• LinkedIn's hidden surveillance: A "BrowserGate" investigation revealed LinkedIn scans for 6,167 browser extensions on every page load, building intelligence profiles tied to real identities, without disclosure.
• AI agent security gaps: Google published its prompt injection defense playbook, Unit 42 exposed multi-agent exploitation paths in Amazon Bedrock, and a new report warns AI agents can cost more than employees without controls.

Fortinet FortiClient EMS Zero-Day Exploited in the Wild, CVSS 9.1 Emergency Hotfix Released

• Fortinet released an emergency hotfix for CVE-2026-35616, a critical pre-authentication API bypass in FortiClient EMS versions 7.4.5 and 7.4.6 that lets unauthenticated attackers execute arbitrary code without any user interaction or privileges.
• This is the second critical FortiClient EMS flaw exploited in days, following CVE-2026-21643 (also CVSS 9.1). watchTowr recorded exploitation attempts starting March 31, timed to hit during a holiday weekend when security teams run at half capacity.
• Security teams running FortiClient EMS should apply the hotfix immediately, restrict external access to the EMS management interface, and audit logs for anomalous unauthenticated API requests that could indicate prior compromise.

European Commission Breached via Trivy Supply Chain Attack, 340 GB of Data Stolen

• CERT-EU confirmed that threat group TeamPCP breached the European Commission's AWS environment by poisoning Aqua Security's Trivy vulnerability scanner, stealing an API key that gave them control over cloud accounts serving 71 clients across EU institutions.
• The attackers exfiltrated 340 GB of data including personal information, usernames, and email content from the Europa.eu hosting service. ShinyHunters published the stolen dataset on a dark web leak site on March 28, just days after initial compromise.
• Organizations using Trivy should immediately verify they're running a known-safe version, rotate all AWS credentials, pin GitHub Actions to immutable SHA hashes instead of mutable tags, and enable CloudTrail logging to detect anomalous STS calls.

Claude Code Source Leak Weaponized to Spread Vidar Stealer and GhostSocks Malware

• After Anthropic accidentally exposed 513,000 lines of Claude Code source via an npm packaging error on March 31, attackers created fake GitHub repositories offering "unlocked enterprise" versions that instead delivered a Rust-based dropper containing Vidar v18.7 infostealer and GhostSocks proxy malware.
• The malicious repos ranked near the top of Google search results for "leaked Claude Code," targeting developers who cloned what appeared to be legitimate forks. Zscaler ThreatLabz identified the campaign as part of a broader operation impersonating 25+ software brands since February 2026.
• Development teams should only use verified binaries from official sources, avoid cloning unverified repositories, and monitor developer workstations for anomalous outbound connections that could indicate credential theft or proxy tunneling.

LinkedIn Secretly Scans for 6,000+ Browser Extensions, Collects Device Data Without Disclosure

• A Fairlinked e.V. investigation dubbed "BrowserGate" revealed that LinkedIn injects hidden JavaScript that scans Chromium browsers for 6,167 extensions and collects 48 device characteristics on every page load, without any mention in its privacy policy or user consent.
• The scanned extensions include 509 job search tools, religious practice indicators, political orientation markers, neurodivergent support apps, and 200+ competitor products. Since LinkedIn ties to real identities and employers, this creates detailed intelligence profiles on the professional workforce at scale.
• Security teams should evaluate whether LinkedIn's undisclosed data collection practices conflict with internal privacy policies, consider browser isolation or switching to non-Chromium browsers for sensitive roles, and review third-party platform risk assessments.

GitGuardian Report: 29 Million Secrets Leaked on GitHub in 2025, AI Credentials Up 81%

• GitGuardian's State of Secrets Sprawl 2026 report found 29 million new hardcoded secrets on public GitHub in 2025, a 34% year-over-year increase and the largest single-year jump ever recorded. AI service credential leaks surged 81%, with orchestration tools like Firecrawl (+796%) and Supabase (+992%) leading the growth.
• Analysis of the Shai-Hulud 2 supply chain attack showed each compromised machine contained an average of 8 copies of the same secret spread across .env files, shell history, and build artifacts. 59% of compromised machines were CI/CD runners, not developer laptops, meaning secrets sprawl is now an infrastructure problem.
• Organizations should eliminate long-lived static credentials, adopt short-lived identity-driven access, implement secrets vaulting as the default workflow, and treat every service account, CI job, and AI agent as a governed identity with lifecycle management.

Akira Ransomware Achieves Initial Access to Encryption in Under One Hour

• Researchers documented Akira ransomware operators completing the full attack chain, from initial VPN access to deploying encryption, in under 60 minutes. The group exploited compromised VPN credentials lacking multi-factor authentication to gain entry, then moved laterally using RDP and standard admin tools.
• This speed leaves almost zero window for traditional detection and response. Most SOC teams operate with response times measured in hours, not minutes. Akira's pace means that by the time an alert triggers and an analyst investigates, encryption may already be complete.
• Incident response playbooks need to account for sub-hour ransomware execution. MFA on all remote access is no longer optional, and automated containment actions (network isolation on high-confidence alerts) should replace manual triage for initial response.

Google Details Layered Defense Strategy Against Indirect Prompt Injection in Workspace

• Google's GenAI Security Team published a detailed breakdown of how they defend Gemini in Workspace against indirect prompt injection, combining adversarial model training, proprietary ML-based content classifiers, markdown sanitization, suspicious URL redaction, and human-in-the-loop confirmation for sensitive actions.
• The approach treats prompt injection as a continuous arms race, not a one-time fix. Google uses both human and automated red-teaming plus its AI Vulnerability Reward Program to build one of the most advanced catalogs of generative AI attack patterns, feeding this data back into model hardening.
• As organizations roll out AI assistants that process emails, documents, and calendar data, this defense-in-depth model offers a practical reference architecture for building layered protections into enterprise AI deployments.

Palo Alto Unit 42: Multi-Agent AI Applications in Amazon Bedrock Open to Exploitation

• Palo Alto Networks Unit 42 published research showing how attackers can exploit Amazon Bedrock's multi-agent collaboration framework, where one compromised or poorly configured agent can manipulate other agents in the chain to access sensitive data or perform unauthorized actions.
• The research demonstrated that agentic architectures create new trust boundaries between AI agents that most security teams are not yet monitoring. When agents delegate tasks to other agents, traditional access controls break down because permissions compound across the chain.
• Security teams deploying multi-agent AI systems should enforce strict least-privilege access per agent, implement monitoring at inter-agent communication boundaries, and validate that no single agent can escalate its own permissions through delegation.

AI Agents Can Cost More Than Employees Without Proper Controls, Report Warns

• A new analysis warns that AI agents deployed without spending controls, usage monitoring, or governance frameworks can generate costs that exceed the salary of the employees they were meant to augment, driven by runaway API calls, redundant processing, and uncapped token usage.
• The report highlights cases where autonomous agents running in loops consumed thousands of dollars in compute costs within hours, with no alerting mechanism in place. Most organizations lack the financial visibility to track AI agent spending in real time.
• Before deploying autonomous AI agents, organizations should set hard spending limits per agent, implement real-time cost monitoring dashboards, and define clear escalation paths that require human approval for actions above spending thresholds.

Depthfirst Raises $80M Series B for AI-Native Software Security Platform

• Depthfirst, an applied AI lab founded by DeepMind, Databricks, and Faire alumni, raised $80M in Series B led by Meritech Capital, bringing total funding to $120M in under 90 days since emerging from stealth. The speed of back-to-back raises signals strong investor conviction in AI-native security.
• The company launched dfs-mini1, its first in-house security model for smart contract security, and reports 80% of its fix recommendations are accepted and merged by developers. Customers include ClickUp, Supabase, and Moveworks.
• The raise reinforces a broader market thesis: security-specific AI models trained on domain data will outperform general-purpose LLMs applied to security. Founders building in this space should watch how Depthfirst's "own the model" strategy plays out against wrapper-based approaches.

Censys Raises $70M to Expand Internet Intelligence Platform

• Censys closed $70M in strategic funding ($40M Series D + $30M debt), led by Morgan Stanley Expansion Capital, bringing total venture funding to $149M. The capital will fuel AI-driven solutions for attack surface management and threat hunting.
• The company is trusted by 300,000+ security practitioners and organizations representing over 50% of the Fortune 500. As internet infrastructure becomes the top attack vector, demand for real-time intelligence on exposed assets continues to grow.
• For security vendors, Censys's raise highlights how data-centric platforms that own proprietary intelligence are attracting premium valuations. The combination of equity and debt financing also suggests the company is approaching profitability.

Variance Raises $21.5M for AI Agent-Powered Compliance Investigation Platform

• Variance raised $21.5M to build an AI agent-powered platform that automates compliance investigations, targeting the manual, resource-heavy work of sifting through regulatory requirements and incident documentation.
• The funding signals growing investor interest in applying agentic AI to GRC (governance, risk, compliance) workflows, where most organizations still rely on spreadsheets, manual review, and consulting hours to handle investigations.
• Compliance-focused AI tools are an underserved segment with clear enterprise demand. Security founders should watch this space as traditional GRC vendors will likely need to add AI-native capabilities to compete.

GitGuardian Non-Human Identity Security

With 29 million secrets leaked on GitHub in 2025, GitGuardian's NHI security platform detects hardcoded credentials, API keys, and tokens across repositories and CI/CD pipelines. Directly relevant to this week's Secrets Sprawl report findings.

Cycode Secrets Detection and Scanning

Cloud-based secrets detection that scans code repositories for exposed credentials before they reach production. Useful for teams looking to implement the secrets vaulting and governance workflows recommended in this week's CISO Lens coverage.

FullHunt

Free external attack surface management tool for discovering exposed assets and services. Relevant this week given the Censys $70M raise and the growing importance of knowing what's internet-facing before attackers find it first.

Thank you for reading this week's brief.

Whenever you're ready, there are three ways I can help you:

• Get your cybersecurity product in front of 15,000 cybersecurity professionals on CybersecTools. Promote Your Product
• Position your product to sell to CISOs correctly. Positioning Advisory
• Analyze entire cybersecurity market with AI. Access CybersecTools MCP server

Talk to you in the next one.

Nikoloz

In this week's analysis:

• Supply chain threat escalation: TeamPCP's multi-ecosystem campaign now includes ransomware partnerships, signaling a shift where open-source infrastructure becomes a first-stage attack vector for extortion.
• CISO leadership deficit: Only 35,000 CISOs serve 359 million businesses globally, a 10,000-to-1 ratio that leaves SMBs structurally exposed.
• Platform disruption: Databricks' Lakewatch SIEM uses consumption pricing to challenge incumbents, and security teams should start evaluating it for 2026 renewal cycles.

TeamPCP Compromises Telnyx PyPI Package, Hides Credential Stealer Inside WAV Audio Files

• TeamPCP pushed two malicious versions (4.87.1 and 4.87.2) of the popular Telnyx Python SDK to PyPI on March 27, embedding credential-stealing malware inside .WAV audio files using steganography to evade detection.
• The attack is part of a broader supply chain campaign that already hit Trivy, KICS, and litellm, and the group has announced partnerships with LAPSUS$ and ransomware group Vect to scale credential abuse before victims complete remediation.
• Pin all GitHub Actions and PyPI dependencies to exact commit SHAs, audit environments for telnyx 4.87.1/4.87.2, rotate all secrets if found, and block the C2 IP (83[.]142[.]209[.]203).

CISA Adds F5 BIG-IP APM Critical RCE Flaw to KEV Catalog After Active Exploitation

• CISA added CVE-2025-53521 (CVSS 9.3) to its Known Exploited Vulnerabilities catalog on March 28 after F5 confirmed active exploitation of a remote code execution flaw in BIG-IP Access Policy Manager that was originally classified as denial-of-service.
• The reclassification from DoS to RCE based on new March 2026 intelligence means organizations that deprioritized the original advisory now face significantly higher risk than initially assessed.
• Verify all BIG-IP APM instances are patched immediately, review network logs for anomalous traffic to virtual servers with APM policies, and treat this as a priority-one patch cycle.

European Commission Investigating Breach After Hackers Access AWS Cloud Infrastructure

• The European Commission confirmed on March 27 that threat actors infiltrated its networks and accessed its AWS cloud infrastructure, with some data confirmed stolen during the breach.
• The incident raises questions about sovereign cloud strategies and third-party cloud dependency across EU institutions, especially as Europe pushes to reduce reliance on US tech infrastructure.
• Review cloud provider access controls and logging configurations, ensure incident response plans cover cloud-native breach scenarios, and monitor for follow-up campaigns targeting exposed data.

Only 35,000 CISOs Serve 359 Million Businesses: 2026 Report Reveals 10,000-to-1 Leadership Gap

• The 2026 CISO Report from Cybersecurity Ventures and Sophos found just 35,000 CISOs worldwide serving an estimated 359 million businesses, a 10,000-to-1 ratio that creates a massive security leadership vacuum, especially for SMBs.
• The World Economic Forum estimates 90% of companies globally are small businesses, yet close to zero percent employ a dedicated security officer, leaving them exposed to enterprise-grade threats without executive-level risk guidance.
• Fractional CISO models and AI-augmented security leadership platforms represent the most scalable near-term solutions, but human bandwidth constraints remain the bottleneck for serving hundreds of millions of organizations.

How CISOs Can Survive Geopolitical Cyberattacks: Lessons from the Stryker-Handala Incident

• The Iran-linked group Handala attacked Stryker, a Fortune 500 medical device manufacturer, in March 2026, reportedly wiping tens of thousands of devices across 79 countries and disrupting manufacturing, logistics, and order processing.
• Threat intelligence research shows many Iranian destructive campaigns rely on manual operations rather than advanced malware, meaning defenders who understand these operational patterns can limit damage even after perimeter breach.
• Build incident response playbooks specifically for destructive wiper scenarios, segment critical OT networks from IT infrastructure, and incorporate geopolitical threat briefings into quarterly security strategy reviews.

State of AI Cybersecurity 2026: 92% of Security Pros Concerned About AI Agent Impact

• The State of AI Cybersecurity 2026 report found that 92% of security professionals are concerned about the impact of AI agents on their organization's security posture as embedded AI features go mainstream.
• Security teams are struggling to adapt governance frameworks, tooling, and talent to the speed of enterprise AI adoption, creating a gap between deployment velocity and security readiness.
• Establish an AI asset inventory across the organization, define acceptable use policies for AI agents before deployment scales further, and allocate dedicated budget for AI-specific security controls.

LangChain and LangGraph Flaws Expose Files, Secrets, and Databases in Popular AI Frameworks

• Researchers disclosed three security vulnerabilities in LangChain and LangGraph, widely used open-source frameworks for building LLM-powered applications, that could expose filesystem data, environment secrets, and conversation history.
• As organizations rush to build AI agents and LLM-powered workflows, the security of the underlying frameworks becomes a critical attack surface that most teams are not yet auditing.
• Audit all LLM framework dependencies for known CVEs, restrict filesystem and environment variable access for AI agent processes, and implement network segmentation for AI workloads.

ShadowPrompt Vulnerability in Claude Chrome Extension Allowed Zero-Click XSS and Token Access

• A critical vulnerability dubbed ShadowPrompt in Anthropic's Claude Chrome extension allowed zero-click XSS prompt injection and token access, which has since been patched by Anthropic and Arkose Labs.
• Browser-based AI extensions with deep system access represent a growing attack surface that security teams rarely include in their threat models, despite handling sensitive prompts and authentication tokens.
• Inventory all AI-related browser extensions across the organization, enforce extension allowlisting policies, and monitor for unauthorized AI tool installations in endpoint management platforms.

GitHub Adds AI-Powered Bug Detection to Expand Code Security Coverage Beyond CodeQL

• GitHub announced AI-based scanning for its Code Security tool on March 25, expanding vulnerability detection beyond CodeQL static analysis to cover more languages and frameworks.
• The move signals that AI-assisted code review is becoming table stakes for DevSecOps, reducing the gap between code commit and vulnerability discovery for development teams using GitHub.
• Enable the new AI scanning capabilities alongside existing CodeQL workflows, review initial findings for false positive rates before tuning alerting thresholds, and use the expanded coverage to address language gaps in current SAST tooling.

Databricks Enters Cybersecurity Market with Lakewatch, an Agentic SIEM, Ahead of Expected IPO

• Databricks launched Lakewatch on March 24, an open, agentic SIEM that unifies security, IT, and business data in a single governed environment, directly challenging incumbents like Splunk, Palo Alto Networks, and Microsoft Sentinel.
• The $134 billion-valued company is using a consumption-based pricing model that charges for work performed rather than data stored, attacking the biggest pain point in traditional SIEM economics where costs scale with log volume.
• Security teams evaluating SIEM alternatives should add Lakewatch to shortlists for 2026 renewals, particularly if already running Databricks for data and analytics workloads.

Eclypsium Raises $25M to Expand Device Supply Chain Security for AI Infrastructure

• Eclypsium raised $25 million in strategic funding led by PEAK6 Strategic Capital, bringing total capital to over $100 million, to expand firmware and hardware supply chain security across enterprise and government environments.
• The company is expanding platform coverage to NVIDIA GPU servers in AI data centers and network edge appliances, addressing the growing attack surface created by AI infrastructure buildouts where traditional endpoint agents are blind.
• Organizations deploying AI compute infrastructure should evaluate firmware and hardware integrity monitoring as part of their supply chain security strategy, especially for GPU clusters and edge devices.

Onit Security Raises $11M Seed to Automate Exposure Management Lifecycle

• Tel Aviv-based Onit Security raised $11 million in seed funding led by Hetz Ventures and Brightmind Partners for its agentic exposure management platform that automates the full lifecycle from vulnerability detection to remediation execution.
• The company claims the founding was partly motivated by bottlenecks exploited during an Iranian state-sponsored cyberattack, targeting the gap between when vulnerabilities are found and when they are actually fixed.
• The seed raise reflects investor confidence in the exposure management category, and security teams dealing with remediation backlogs should watch this space as AI-driven prioritization tools mature.

Eclypsium Supply Chain Security Platform

Firmware, hardware, and software supply chain security for enterprise devices. Covers inventory, hardening, threat detection, and response across the full device lifecycle. Relevant this week as the company raised $25M to expand into AI infrastructure security.

Legit Security Software Supply Chain Security

Secures the software development pipeline from code to deployment, covering CI/CD security, secret detection, and software supply chain risk. Directly relevant following TeamPCP's ongoing campaign targeting developer tools like Trivy, KICS, litellm, and Telnyx.

Prevalent Exposure Management

Cloud-based exposure management platform that prioritizes vulnerabilities based on business context. Connects to this week's Onit Security seed raise and the broader shift toward automated remediation workflows.

Thank you for reading this week's brief.

Whenever you're ready, there are three ways I can help you:

• Get your cybersecurity product in front of 15,000 cybersecurity professionals on CybersecTools. Submit Your Product
• Position your product to sell to CISOs correctly. CISO Lens
• Analyze entire cyebrsceurity market with AI. Access CybersecTools MCP server

Talk to you in the next one.

Nikoloz

In this week's brief:

• Trivy CanisterWorm Supply Chain Attack: A self-spreading worm infected 47 npm packages using blockchain-based C2, harvesting developer tokens to automatically compromise entire package ecosystems. Time to audit those postinstall hooks.
• Stryker Wiper Attack: Iran-linked Handala group destroyed thousands of devices across 79 country offices, exfiltrating 50TB before detonation. When geopolitics meets inadequate segmentation, the result is total environment destruction.
• XBOW Reaches Unicorn Status: The autonomous hacker that hit #1 on HackerOne raised $120M at $1B+ valuation, backed by the creator of GitHub Copilot. Manual-only pentesting firms should be paying attention.

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

• Threat actors exploited the Trivy security scanner supply chain compromise to deploy CanisterWorm, a self-propagating malware that infected 47 npm packages across multiple scopes, using Internet Computer blockchain canisters as command-and-control dead drop resolvers.
• The worm harvests npm tokens from developer machines and automatically publishes malicious versions of packages via a self-spreading "deploy.js" script, meaning a single infected developer can compromise their entire organization's package ecosystem.
• Audit npm dependencies for unexpected postinstall hooks, rotate all npm tokens that may have been exposed, and monitor for systemd services masquerading as PostgreSQL tooling ("pgmon").

Critical 9.8 CVSS Flaw Exposes Oracle Identity Manager to Full Remote Takeover

• Oracle issued an emergency security alert for CVE-2026-21992, a CVSS 9.8 unauthenticated remote code execution flaw in Oracle Identity Manager and Web Services Manager (versions 12.2.1.4.0 and 14.1.2.1.0) that allows complete system takeover via HTTP with no credentials required.
• Because Oracle Identity Manager controls user provisioning, role assignments, and access governance across the enterprise, a compromised instance gives attackers the ability to create admin accounts, modify access policies, and pivot into every connected system.
• Apply Oracle's emergency patches immediately, prioritize any internet-facing Identity Manager deployments, and audit identity infrastructure logs for unauthorized administrative actions or unusual REST API calls.

Iran-Linked Handala Group Wipes Thousands of Stryker Devices, 79 Country Offices Offline for Over a Week

• Pro-Iranian hacktivist collective Handala launched a destructive wiper attack against medical device giant Stryker, taking down the company's global Microsoft environment, forcing 79 country offices offline, halting production lines, and leaving thousands of employees unable to work for over a week.
• Unlike ransomware, wiper attacks destroy data with no option for recovery or negotiation, and Handala claims to have exfiltrated roughly 50 terabytes of corporate data before detonating the wiper, making this one of the largest geopolitically motivated attacks against a U.S. healthcare company.
• Organizations in sectors likely to face geopolitical targeting should validate offline backup integrity, segment critical manufacturing systems from corporate IT infrastructure, and pressure-test incident response plans that assume complete environment destruction rather than partial compromise.

Pentera Study: 67% of CISOs Have Limited AI Visibility, Only 11% Deploy AI-Specific Security Tools

• Pentera's 2026 AI and Adversarial Testing Benchmark surveyed 300 U.S. CISOs and found that 67% have limited visibility into AI usage across their organization, with zero respondents reporting full visibility, while 75% still rely on legacy security controls not designed for AI environments.
• The core problem is not awareness or budget; 50% cited lack of internal expertise as the top obstacle, and only 11% have deployed AI-specific security tools, meaning most organizations are flying blind on AI risk even as deployment accelerates across every business unit.
• Start with a centralized AI inventory that maps every AI system, its data access, and its behavior patterns before investing in new tooling, since you cannot secure what you cannot see.

Russia-Linked Hacktivists Shift From DDoS to Credential-Based OT Intrusions, ICS Attacks Nearly Double

• Cyble research shows Russian-linked hacktivist groups like Cyber Army of Russia Reborn, Z-Pentest, and Sector16 have shifted from disruption-focused DDoS campaigns to credential-based intrusions targeting industrial control systems, with ICS-related attacks comprising 25% of all hacktivist operations, nearly doubling from the previous quarter.
• The techniques are disturbingly simple: password spraying, default credential exploitation, and reuse of leaked credentials from unrelated breaches to access exposed VNC services on ports 5900-5910, meaning sophisticated zero-days are not required to compromise critical infrastructure.
• Eliminate any VNC or remote access services exposed to the public internet, enforce strong authentication on all OT operator accounts, and segment IT/OT networks so that a compromised corporate credential cannot provide a path into industrial control environments.

UK's 1.5B Pound Jaguar Land Rover Cyber Bailout Sparks Debate on Government as Insurer of Last Resort

• The UK government issued a 1.5 billion pound loan guarantee to Jaguar Land Rover after a major cyberattack, prompting Ciaran Martin, former NCSC CEO and chair of the UK Cyber Monitoring Center, to warn this sets a dangerous precedent without clear criteria for when governments should intervene.
• Security experts argue that government bailouts create a "too important to fail" dynamic that could actually increase targeting by threat actors, while enabling underinvestment in security by organizations that assume the state will absorb catastrophic cyber losses.
• Security leaders should use this precedent to strengthen their board-level risk conversations: if your organization's cyber posture is weak enough to require a government bailout, the real failure happened long before the breach, and compulsory cyber insurance with minimum security standards may become the regulatory response.

Qualys Warns: MCP Servers Are the New Shadow IT, 53% Run on Static Secrets With Zero Visibility

• Qualys published research arguing that MCP servers have become a new shadow IT layer, with over 10,000 active public servers deployed in under a year and most organizations having zero visibility into where they run, what enterprise data they expose, or how AI agents can abuse them.
• Unlike traditional APIs, MCP servers sit at the intersection of natural-language reasoning and privileged execution, where capabilities are discovered dynamically and invoked autonomously by AI agents; 53% of servers rely on static secrets, creating widespread credential exposure across environments.
• Treat MCP servers as AI-driven control planes, not standard API layers: inventory all deployments across network and host levels, separate discovery privileges from invocation capabilities, and log all tool invocations with anomaly monitoring.

AI Agent Hacks McKinsey's Lilli Chatbot in Under 2 Hours, Exposes 46.5 Million Chat Messages

• CodeWall's autonomous AI security agent breached McKinsey's internal AI chatbot Lilli in under two hours by discovering publicly accessible API documentation with over 200 endpoints, 22 of which had no authentication, then executing a SQL injection to gain full system access.
• The exposed data included 46.5 million chat messages containing strategy discussions and client data, 728,000 files, 57,000 user accounts, and 384,000 AI assistant configurations, from a platform used by over 70% of McKinsey's 23,000+ workforce processing 500,000+ monthly prompts.
• Every organization deploying internal AI chatbots should audit API endpoint exposure, ensure no documentation is publicly accessible, and apply the same authentication and authorization controls to AI platforms that they would to any system handling their most sensitive data.

Scan of 1,808 MCP Servers Finds 66% Have Security Flaws, 843 Contain Toxic Data Flow Chains

• AgentSeal scanned 1,808 MCP servers across GitHub, npm, and PyPI and found that 66% had at least one security finding, with 427 critical and 1,841 high severity issues identified across 16,840 tools analyzed.
• The most alarming category is toxic data flows (37.2% of critical/high findings), where individually safe servers create dangerous attack chains when combined; for example, a server that reads Slack messages piped to a server that writes files creates a data exfiltration path even when neither server is malicious on its own.
• Before connecting MCP servers to AI agents in production, map the full capability graph of tool inputs and outputs across all connected servers to identify toxic combinations that create unintended data movement paths.

AWS Security Veterans Launch Native With $42M to Build Cloud Security Control Plane

• Native emerged from stealth with $42 million in funding led by Ballistic Ventures with participation from General Catalyst and YL Ventures, founded by the team that built Amazon GuardDuty and AWS Security Hub, with former Google Cloud CISO Phil Venables joining the board.
• Instead of layering on more monitoring tools, Native translates security policies into provider-specific controls enforced through native mechanisms already built into AWS, Azure, Google Cloud, and Oracle Cloud, addressing the gap between security intent and actual enforcement across multi-cloud environments.
• The founding team's pedigree signals that the next wave of cloud security will focus on policy enforcement through existing cloud primitives rather than adding more detection layers on top.

XBOW Hits Unicorn Status With $120M Series C for Autonomous Offensive Security

• XBOW raised $120 million in Series C funding led by DFJ Growth and Northzone, pushing its valuation past $1 billion and bringing total funding to over $235 million, with backing from Sequoia Capital, Altimeter, and Alkeon Capital.
• Founded by Oege de Moor, creator of GitHub Copilot and GitHub Advanced Security, XBOW became the first autonomous system to hit #1 on the HackerOne leaderboard, proving its AI can find and exploit vulnerabilities faster than top human researchers, with over 100 companies including Moderna and Samsung already using the platform.
• The autonomous pentesting category is now officially validated at unicorn scale, signaling that AI-driven offensive security is moving from research novelty to enterprise standard, and manual-only penetration testing firms face existential pressure to adapt.

Oasis Security Raises $120M Series B for Agentic Access Management, ARR Grows 5x

• Oasis Security closed a $120 million Series B led by Craft Ventures with participation from Sequoia Capital, Accel, and Cyberstarts, bringing total funding to $195 million as the company positions itself as the first platform purpose-built for Agentic Access Management.
• New ARR grew 5x year over year with the majority of clients coming from the Fortune 500, validating that managing nonhuman identities and AI agent access is becoming a board-level priority as enterprises scale agentic deployments across their infrastructure.
• The size of this round confirms that identity and access management for AI agents is emerging as a standalone category, distinct from traditional IAM, and security teams deploying agentic systems need dedicated controls for how agents authenticate, authorize, and interact with enterprise resources.

Socket

Software supply chain security platform that proactively detects malicious npm, PyPI, and Go packages before they enter your codebase. Directly relevant this week as the CanisterWorm supply chain attack spread through 47 npm packages via compromised postinstall hooks. View on CybersecTools

Claroty xDome Network Protection

OT/ICS network visibility and protection platform for industrial control systems and critical infrastructure. Relevant this week as Cyble research showed Russian-linked hacktivists are shifting to credential-based intrusions targeting exposed VNC services on industrial systems. View on CybersecTools

Oasis Agentic Access Management

Purpose-built identity governance platform for managing nonhuman identities and AI agent access across enterprise environments. Directly tied to this week's AI security theme, with MCP server shadow IT, McKinsey's AI chatbot breach, and Oasis's own $120M raise all highlighting the urgency of controlling what AI agents can access. View on CybersecTools

Thank you for reading this week's brief.

Whenever you're ready, there are three ways I can help you:

• Get your cybersecurity product in front of 15,000 cybersecurity professionals on CybersecTools. Submit Your Product
• Position your product to sell to CISOs correctly. CISO Lens
• Get deep market intelligence on your company, competitors and the whole industry. Sign Up for Waitlist

Talk to you in the next one.

Nikoloz

In this week's brief:

• CrackArmor Linux Apocalypse: Nine vulnerabilities in AppArmor, hiding since 2017, let any unprivileged user escalate to root on 12.6 million enterprise Linux servers. Patch now.
• AI Malware Is Real: IBM X-Force caught ransomware group Hive0163 deploying AI-generated malware in a live attack, while CrowdStrike reports 82% of detections are now malware-free.
• Google's $32B Wiz Bet: The largest deal in Google's history closed this week, alongside $500M+ in stealth launches from Armadin, Kai, Jazz, and Bold. The next generation of security infrastructure is being built right now.

Push Security Finds Cybercriminals Launch InstallFix Attacks Against Claude Code Users

• Threat actors are cloning legitimate CLI tool installation pages and distributing them through malvertising on Google Search, targeting users searching for tools like Claude Code with pixel-perfect fake websites containing malicious install commands.
• The attack leverages the widespread developer practice of running "curl to bash" one-liners by presenting victims with familiar-looking installation commands that actually download Amatera Stealer malware instead of legitimate software.
• Push Security researchers identified multiple campaigns using this technique across popular developer tools, with attackers abusing legitimate hosting services like Cloudflare Pages and Squarespace to host cloned sites and evade detection.

AI-Generated Malware "Slopoly" Signals New Era of Low-Effort, High-Impact Threats

• IBM X-Force identified a new malware framework called Slopoly, suspected to be AI-generated and deployed by financially motivated threat actor Hive0163 during ransomware post-exploitation to maintain persistent server access for over a week.
• The malware demonstrates how AI tools allow threat actors to develop functional malware frameworks in a fraction of the traditional development time, lowering the barrier to entry for creating custom post-exploitation tooling.
• Security teams should update detection signatures for AI-generated code patterns and ensure post-exploitation monitoring covers persistence mechanisms on servers, not just initial access vectors.

Nine CrackArmor Flaws in Linux AppArmor Expose 12.6 Million Servers to Root Takeover

• Qualys TRU disclosed nine confused deputy vulnerabilities in AppArmor, the default mandatory access control module for Ubuntu, Debian, and SUSE, that have existed since 2017 (kernel v4.11) and allow unprivileged users to escalate to root, break container isolation, and trigger kernel panics.
• The flaws let attackers manipulate AppArmor profiles through trusted tools like Sudo and Postfix without needing admin credentials, meaning any local access foothold on an affected system is enough to compromise the entire host, including Kubernetes nodes and cloud instances.
• Apply vendor kernel patches immediately for all AppArmor-enabled distributions, scan infrastructure with Qualys QID 386714, and monitor /sys/kernel/security/apparmor/ for unauthorized profile modifications that may signal active exploitation.

IBM X-Force 2026: Public-Facing App Exploitation Up 44%, Supply Chain Attacks Quadrupled

• The IBM X-Force Threat Intelligence Index 2026 found that exploitation of public-facing applications surged 44% year-over-year to become the most common initial access vector, driven by expanding vulnerability surfaces and configuration errors in complex application stacks.
• Major supply chain and third-party breaches quadrupled over five years, with attackers systematically targeting the development pipeline and management-plane tools that organizations consistently under-patch relative to production infrastructure.
• The report reinforces that advanced AI-driven protections offer minimal benefit when foundational controls remain weak. Security leaders should prioritize patch cadence for public-facing apps, harden CI/CD pipelines, and treat identity as critical infrastructure with centralized governance.

CrowdStrike 2026 Threat Report: 29-Second Breakout Time, 82% of Detections Malware-Free

• The CrowdStrike 2026 Global Threat Report recorded the fastest eCrime breakout time at just 29 seconds, a 65% acceleration from 2024, while 82% of all detections in 2025 were malware-free as adversaries shift to identity-based and living-off-the-land techniques.
• AI-enabled adversary activity increased 89%, with over 90 organizations having legitimate AI tools exploited to generate malicious commands and exfiltrate sensitive data, and ChatGPT mentioned in criminal forums 550% more than any other model.
• Detection strategies built around malware signatures alone are now fundamentally insufficient. Security teams need cross-domain visibility spanning identity, cloud, and endpoint telemetry with automated response capabilities measured in seconds, not minutes.

Wallarm Report: 97% of API Vulnerabilities Exploitable With a Single Request, CISOs Racing to Secure AI at Scale

• Wallarm's 2026 API ThreatStats analysis found that 17% of all 67,058 published vulnerabilities in 2025 were API-related, and 43% of CISA's Known Exploited Vulnerabilities additions were API-focused, with 97% of those exploitable through a single well-formed request.
• As every AI application and agent interaction runs through APIs, the rapid deployment of agentic AI is massively expanding the API attack surface, and traditional WAFs built for web application era pattern-matching cannot catch the business logic flaws that attackers now target.
• Security teams deploying AI should prioritize API discovery and runtime protection as foundational controls, not afterthoughts, and evaluate platforms that handle both API and AI security without adding more tool sprawl to the stack.

"Agentic Blabbering" Attack Lets Malicious Sites Hijack AI Browser Agents

• Guardio disclosed a new attack technique called "Agentic Blabbering" that exploits the tendency of AI browser agents to narrate their reasoning and actions in real-time, allowing attackers to intercept the AI's decision-making process and manipulate its security guardrails.
• The attack works by using the AI's own reasoning output against it: because AI browsers continuously describe what they see, what they plan to do, and what signals they consider safe, adversaries can craft web pages that feed the agent misleading context to lower its defenses.
• As AI-powered browsing becomes more common in enterprise environments, security teams should evaluate the exposure of any browser agent deployments, restrict agent permissions to sensitive internal systems, and monitor for anomalous agent-initiated actions.

Cloudflare AI Security for Apps Goes GA With Free AI Discovery, IBM and Wiz Partnerships

• Cloudflare made its AI Security for Apps product generally available, offering automated discovery, detection, and mitigation of threats to LLM-powered applications, and is making AI endpoint discovery free for all Cloudflare customers including Free, Pro, and Business plans.
• The product sits as a reverse proxy in front of AI applications to detect prompt injection, jailbreaking, and sensitive data leakage, while also announcing expanded partnerships with IBM (to deliver AI security to its cloud customers) and Wiz (for unified AI security posture visibility).
• Organizations deploying AI-powered features should map all LLM endpoints across their web properties as a first step, since most security teams lack full visibility into where AI is actually running in production.

Cisco Talos Warns: Agentic AI Security Is a Threat Modeling Problem Organizations Already Know How to Solve

• Cisco Talos published research framing agentic AI security as a risk management challenge, noting that autonomous agents operating in observe-orient-decide-act loops can execute unauthorized commands, exfiltrate data, and move laterally, while only 29% of organizations report being prepared to secure these deployments.
• Researchers documented real-world attacks where compromised MCP servers allowed malicious GitHub issues to hijack agents and trigger data exfiltration from private repositories, and a fake npm package mimicking an email integration silently copied outbound messages to an attacker-controlled address.
• Apply the same threat modeling and least-privilege principles used for human employees to AI agents: scope data access to each agent's specific role, implement runtime guardrails for agent actions, and monitor MCP communications for unauthorized tool calls or privilege escalation attempts.

Kevin Mandia's Armadin Launches Out of Stealth With $190 Million in Funding

• Kevin Mandia, the former CEO of Mandiant, launched a new cybersecurity company called Armadin with $190 million in funding, signaling that one of the most recognizable names in incident response sees a major gap in the current market.
• The launch follows a wave of stealth-to-launch announcements this week, with Bold Security ($40M), Onyx Security ($40M), Jazz ($61M for AI-powered DLP), and Kai ($125M for IT/OT security) all emerging in the same period, pointing to sustained investor appetite for cybersecurity.
• When the person who built and sold Mandiant for $5.4B starts a new company with nearly $200M day one, it validates that the next generation of security infrastructure is being built right now, and the opportunity window for early-stage vendors is narrowing.

OpenAI Acquires AI Security Startup Promptfoo to Bolster Agentic AI Testing

• OpenAI announced the acquisition of Promptfoo, an AI security startup focused on LLM evaluation and red-teaming, signaling that the largest AI model provider is taking security testing seriously as agentic AI deployments accelerate.
• Promptfoo built open-source tooling for testing AI applications against prompt injection, jailbreaks, and other adversarial attacks, and its integration into OpenAI could mean native security testing becomes a built-in feature rather than an aftermarket add-on.
• For cybersecurity founders building in the AI security space, this acquisition confirms that the testing and evaluation layer is becoming a must-have capability, and that major AI platforms will either build or buy their way into security tooling.

Bold Emerges From Stealth With $40M to Rethink Endpoint Security With Edge AI

• Bold, a new enterprise endpoint security company, raised $40M from Bessemer Venture Partners, Picture Capital, and Red Dot Capital Partners to launch an AI-powered platform that processes user behavior data locally on each device rather than routing it to the cloud.
• Early enterprise customers report alert volumes dropping by up to 90% after deployment, with the lightweight AI agent continuously analyzing user activity, application behavior, and data movement without cloud dependency, addressing growing concerns around privacy and data sovereignty.
• The "last mile" endpoint protection approach signals growing investor conviction that the next generation of endpoint security needs to move beyond legacy DLP and insider risk tools toward real-time, on-device behavioral analysis.

Push Security Browser Extension

Browser-based security tool that detects phishing kits, cloned login pages, and credential theft in real time by inspecting page content directly in the browser. Directly relevant this week as Push Security researchers uncovered the InstallFix campaign targeting Claude Code users with pixel-perfect fake installation pages.

42Crunch API Protection

Runtime API security using a micro-firewall approach that enforces policies based on OpenAPI contracts. Relevant this week as Wallarm's report showed 97% of API vulnerabilities are exploitable with a single request.

ARMO

Kubernetes-native cloud security platform using eBPF for runtime monitoring with CSPM and KSPM capabilities. Contextually relevant this week after CrackArmor vulnerabilities exposed 12.6 million Linux servers, many running Kubernetes workloads.

Thank you for reading this week's brief.

Whenever you're ready, there are three ways I can help you:

1. Get your cybersecurity product in front of 15,000 cybersecurity professionals on CybersecTools.
2. Position your product to sell to CISOs correctly. Positioning Advisory.
3. Get deep market intelligence on your company, competitors and the whole industry. Sign Up for Waitlist.

Talk to you in the next one.

Nikoloz

In this week's brief:

• Israel-Iran Cyber-Kinetic Operation: Israel dropped Iran's internet to 4% connectivity during a coordinated military-cyber strike, paralyzing government agencies and IRGC communications.
• Shadow AI Is Bleeding You Dry: Insider risk costs hit $19.5M per org, and 73% of companies say unauthorized AI use is creating invisible data loss paths while only 18% have governance in place.
• Check Point's $150M Israeli Acquisition Spree: Check Point picked up Cyclops and Cyata to build out agentic exposure management and unsupervised AI agent security. 

Israel Launches Largest Cyberattack in History, Plunging Iran to 4% Internet Connectivity

• A massive coordinated cyberattack accompanied Operation "Roar of the Lion," dropping Iran's internet connectivity to just 4% of normal levels according to NetBlocks, while paralyzing critical infrastructure, government news agencies including IRNA and Tasnim, and IRGC communications systems.
• The operation combined electronic warfare, DDoS attacks, and deep intrusions into energy and aviation infrastructure, reportedly preventing Iranian forces from coordinating counterattacks and disrupting drone and ballistic missile launch capabilities.
• Security teams should treat this as a case study in how cyber operations now run parallel to kinetic military strikes, reinforcing the need for resilient, air-gapped backup communications and incident response plans that assume total internet loss scenarios.

Canadian Tire Data Breach Exposes 38 Million Customer Accounts Across Multiple Retail Brands

• Canadian Tire Corporation confirmed that an October 2025 breach of its e-commerce database exposed 42 million records containing 38.3 million unique email addresses, names, phone numbers, physical addresses, and PBKDF2-hashed passwords across Canadian Tire, SportChek, Mark's, and Party City brands.
• The dataset, now added to Have I Been Pwned, also included partial credit card data for a subset of users; 86% of the exposed emails were already present in HIBP from previous breaches, compounding credential stuffing and phishing risks.
• Organizations running multi-brand e-commerce platforms should audit shared database architectures for lateral exposure risk, enforce credential rotation across all linked storefronts, and deploy monitoring for targeted phishing campaigns using the exposed personal data.

North Korea's APT37 Deploys "Ruby Jumper" Toolkit to Breach Air-Gapped Networks via USB

• Zscaler ThreatLabz uncovered a five-tool malware toolkit (RESTLEAF, SNAKEDROPPER, THUMBSBD, VIRUSTASK, FOOTWINE) used by North Korean group APT37 to bridge air-gapped systems by weaponizing removable USB drives, hiding files in fake Recycle Bin folders, and replacing legitimate files with malicious LNK shortcuts.
• The campaign disguises a full Ruby 3.3.0 runtime as a USB utility (usbspeed.exe), hijacks RubyGems to auto-load malware every five minutes, and uses Zoho WorkDrive as command-and-control infrastructure, marking the first documented abuse of this cloud service by the group.
• Organizations relying on air-gapped environments for critical infrastructure or classified operations should enforce strict removable media controls, monitor for unexpected LNK execution and hidden directories on USB drives, and block unauthorized Ruby runtimes on endpoints.

Splunk Report: 78% of CISOs Now Concerned About Personal Liability for Security Incidents

• Splunk's 2026 CISO Report found that personal liability concerns jumped from 56% to 78% year over year, while nearly all respondents said AI governance and risk management now fall under their direct responsibility, expanding the role well beyond traditional detection and response.
• 85% of CISOs cited low cybersecurity fluency among non-technical executives as a collaboration obstacle, and 41% said they cannot directly correlate security ROI to risk mitigation, making budget justification and board communication persistently difficult.
• Security leaders should formalize documentation practices around risk decisions, build structured board reporting frameworks that translate operational metrics into business language, and proactively define AI governance policies before oversight gaps become liability triggers.

CISA Leadership Shakeup as Acting Director Removed Amid Government Shutdown and Geopolitical Tensions

• CISA's acting director Madhu Gottumukkala was moved to a different DHS role after a tenure marked by failed polygraph tests, uploading sensitive documents to public ChatGPT, and attempted removal of the agency's CIO, with Nick Andersen (executive assistant director for cybersecurity) now serving as acting director.
• The transition comes while two-thirds of CISA staff are furloughed during the DHS government shutdown, the nominated permanent director Sean Plankey remains stuck in Senate confirmation, and former officials warn that geopolitical tensions with Iran could trigger retaliation against U.S. infrastructure.
• For security leaders dependent on federal threat intelligence and coordination, this signals a period where CISA's partnership capacity is diminished. Teams should diversify threat intel sources and stress-test incident response plans that don't assume timely federal support.

Insider Risk Costs Hit $19.5M Per Organization as Shadow AI Creates Invisible Data Loss Paths

• The 2026 Cost of Insider Risks Report from Ponemon Institute found that average annual insider incident costs reached $19.5 million per organization, up 20% since 2023, with negligent employee behavior driving $10.3 million of that total across an average of 14 incidents per company.
• 73% of organizations say unauthorized AI use is creating invisible data exfiltration paths, yet only 18% have integrated AI governance into insider risk programs and just 13% have formally adopted AI into business strategy, leaving a massive visibility gap as employees routinely feed source code, legal documents, and architecture diagrams into public LLMs.
• CISOs should classify AI agents as insider-equivalent identities with delegated authority and access, invest in behavioral intelligence and privileged access management (which delivers $6.1M in average cost savings), and close the governance gap before shadow AI normalizes unmonitored data flows across the organization.

Trump Orders Federal Ban on Anthropic as Pentagon Designates AI Company a Supply Chain Risk

• President Trump ordered all federal agencies to immediately cease using Anthropic's technology after the company refused Pentagon demands to remove contractual restrictions on using Claude for autonomous weapons and mass domestic surveillance, escalating a months-long dispute over a $200 million classified network contract.
• Defense Secretary Hegseth designated Anthropic a "Supply-Chain Risk to National Security", a classification typically reserved for foreign adversaries, which could force any Pentagon contractor to prove they don't use Anthropic products, potentially threatening the company's broader enterprise customer base despite its $380 billion valuation.
• The immediate security implication: organizations with federal contracts should audit their AI toolchain dependencies for Anthropic exposure, while all enterprises should treat this as a case study in vendor concentration risk when building critical workflows on any single AI provider.

North Korean Contagious Interview Campaign Evolves with Custom Bytecode VM, GitHub Gists, and Akira Stealer Delivery via VSCode

• Abstract Security's ASTRO team documented new payload staging infrastructure in the DPRK-linked Contagious Interview campaign, now abusing GitHub Gists, Google Drive, short URL services, and custom domains alongside the established VSCode/Cursor tasks.json auto-execution vector that fires malware when developers open malicious repositories.
• A newly observed loader uses a custom stack-based bytecode virtual machine to execute obfuscated payloads, while one infection chain delivers PyArmor-protected Python that drops Akira Stealer, a commodity infostealer targeting browser credentials, crypto wallets, and chat applications, complicating attribution beyond typical DPRK tooling.
• Development teams should disable automatic task execution in VSCode and Cursor, enforce mandatory code review of .vscode/tasks.json before granting workspace trust, and treat any repository received through recruitment channels as hostile until verified by security.

OWASP Releases AI Red Teaming Vendor Evaluation Criteria for GenAI Systems

• OWASP published comprehensive vendor evaluation criteria to help organizations assess AI red teaming providers and automated tools, addressing both simple chatbots and advanced multi-agent systems with tool-calling capabilities.
• The guide identifies critical red flags including vendors using stock jailbreak libraries, lack of multi-turn testing capabilities, and inability to evaluate stateful systems with memory and cross-session behavior analysis.
• Organizations should prioritize vendors demonstrating green flags such as reproducible adversarial evaluations, custom testing with novel findings, human verification of critical results, and actionable remediation guidance mapped to business impact.

LevelBlue Acquires Fortra's Alert Logic MDR Business to Strengthen Global MDR Position

• LevelBlue, the world's largest pure-play MSSP, acquired the managed services division of Fortra's Alert Logic MDR, XDR, and WAF solutions as part of a broader strategic partnership.

• The acquisition expands LevelBlue's global footprint and provides Alert Logic clients with access to broader threat telemetry and accelerated detection and response capabilities across complex environments.

• Fortra will become a leading technology partner for LevelBlue, making its offensive and defensive security solutions available to LevelBlue's global client base while strengthening both companies' market positions.

Westcon-Comstor Acquires REAL Security to Enter Balkans Market

• Global technology distributor Westcon-Comstor expanded into the Balkans region by acquiring Slovenia-based REAL Security, a value-added cybersecurity distributor operating across eight countries since 2002.

• REAL Security has built market-leading cybersecurity expertise in Slovenia, Croatia, Bosnia and Herzegovina, Serbia, Kosovo, Montenegro, Albania and North Macedonia, connecting major vendors with resellers and managed service providers.

• The acquisition provides Westcon-Comstor with proven local capability and represents their first deal since acquiring AWS consultancy Rebura in January 2024, strengthening their European cybersecurity portfolio.

Check Point Acquires Cyclops and Cyata for $150 Million in Strategic Israeli Cyber Push

• Check Point is acquiring Cyclops Security (estimated $85 million) and Cyata ($8.5 million in previous funding) along with acqui-hiring Rotate's team, totaling approximately $150 million to expand its domestic Israeli cybersecurity capabilities.

• Cyclops offers an agentic exposure management platform built on cybersecurity mesh architecture that allows security teams to query their environment using natural language for vulnerability and compliance insights.

• Cyata specializes in securing unsupervised AI agents operating across enterprise environments, providing visibility and control over autonomous bots, copilots, and chatbots that can execute code and access sensitive data outside traditional identity frameworks.

Allama: Open-Source AI Security Automation Platform

Open-source SOAR alternative with 80+ integrations across SIEMs, EDR, identity providers, and ticketing systems, using AI agents (supports external and self-hosted LLMs via Ollama) to enrich, triage, and act on alerts through visual drag-and-drop workflows.

OpenClaw Scanner: Detect Autonomous AI Agents Across Your Environment

Free open-source scanner that identifies instances of OpenClaw (MoltBot) autonomous AI agents operating across corporate environments, including agents that can execute tasks, access local files, and authenticate to internal systems without centralized oversight.

Brutus: Multi-Protocol Credential Testing Tool in Pure Go

Open-source credential testing tool written in pure Go that ships as a single binary with zero external dependencies, replacing legacy brute-force tools plagued by dependency conflicts and integration gaps.

Thank you for reading this week's brief.

Whenever you're ready, there are three ways I can help you:

1. Get your cybersecurity product in front of 15,000 cybersecurity professionals on CybersecTools.
2. Position your product to sell to CISOs correctly. Positioning Advisory.
3. Get deep market intelligence on your company, competitors and the whole industry. Sign Up for Waitlist.

Talk to you in the next one.

Nikoloz

In this week's brief:

• AI-powered FortiGate campaign hits 600+ devices in 55 countries - No zero-days required; commercial AI services automated lateral movement and attack planning at industrial scale
• WEF report exposes CEO-CISO risk priority gap - CEOs worry about fraud, CISOs worry about ransomware, and 87% of leaders flag AI vulnerabilities as the fastest-growing risk
• Claroty raises $150M at $3B valuation, eyes 2027 IPO - OT security gets a massive vote of confidence as the company enters final IPO preparation stages

AI-Assisted Hacker Breaches 600+ FortiGate Firewalls Across 55 Countries in 5 Weeks

• Amazon Threat Intelligence revealed a Russian-speaking threat actor used commercial AI services including DeepSeek and Claude to compromise over 600 FortiGate devices between January 11 and February 18, exploiting exposed management interfaces and weak credentials rather than zero-day vulnerabilities.
• The attacker fed stolen network topologies directly into LLMs for step-by-step lateral movement guidance, deployed Mimikatz for DCSync attacks against domain controllers, and used an automated system called ARXON to generate structured attack plans, turning AI into what Amazon called an "assembly line for cybercrime."
• Security teams should immediately audit FortiGate management interface exposure, enforce MFA on all VPN and admin access, rotate SSL-VPN credentials, and monitor for anomalous Active Directory replication events (Event ID 4662) as indicators of DCSync activity.

Starkiller Phishing-as-a-Service Proxies Real Login Pages and Bypasses MFA in Real Time

• A new phishing platform called Starkiller, sold as a SaaS subscription by threat group Jinkusu, spins up Docker containers with headless Chrome instances that load real login pages from brands like Google, Microsoft, Apple, and PayPal, then act as reverse proxies to relay credentials and MFA tokens in real time.
• Unlike traditional phishing kits that use static page clones, Starkiller leaves no template files for security tools to fingerprint or blocklist, while offering operators a full dashboard with session monitoring, keystroke logging, cookie theft, geo-tracking, and conversion analytics identical to legitimate SaaS platforms.
• Static page analysis and URL reputation filtering are ineffective against this approach; detection needs to shift toward behavioral signals like anomalous login patterns, session token reuse from unexpected locations, and impossible travel indicators, even when MFA was technically completed.

Single Threat Actor Dominates Ivanti RCE Attacks With 83% of Activity

• A single threat actor operating from IP 193.24.123.42 on bulletproof infrastructure accounts for 83% of exploitation attempts targeting critical Ivanti EPMM vulnerabilities CVE-2026-21962 and CVE-2026-24061.
• GreyNoise observed 417 exploitation sessions between February 1-9, with a massive spike of 269 sessions on February 8 alone, indicating automated attacks using DNS callbacks to verify command execution capabilities.
• The same actor simultaneously exploits multiple products including Oracle WebLogic, GNU Inetutils Telnetd, and GLPI, suggesting initial access broker activity targeting various enterprise systems for potential resale.

ETH Zurich Study Uncovers 25 Attacks in Major Cloud Password Managers

• Researchers from ETH Zurich found 25 distinct attack vectors in Bitwarden (12), LastPass (7), and Dashlane (6) that can bypass "zero-knowledge encryption" claims, ranging from integrity violations to complete vault compromise across organizations serving over 60 million users and 125,000 businesses.
• Attacks exploit flawed key escrow recovery mechanisms, unauthenticated public keys, item-level encryption weaknesses, and legacy AES-CBC support that enables KDF downgrade attacks accelerating brute-force by up to 300,000x.
• Security leaders should audit enterprise password manager deployments against the four recommended mitigations (authenticated encryption, full key separation, public key authentication, ciphertext signing), ensure clients are updated, and evaluate whether vendor "zero-knowledge" promises hold up under a malicious server threat model.

Radware Report: DDoS Attacks Jump 168% With Peak Volumes Reaching 30 Tbps

• Radware's 2026 Global Threat Analysis Report reveals network-layer DDoS attacks increased 168% year-over-year in 2025, with peak volumes reaching nearly 30 Tbps and the average customer facing 25,351 attacks (139 per day), while web application DDoS attacks climbed 101%.
• The most impactful web DDoS attacks now last less than 60 seconds, making manual mitigation and human-in-the-loop defenses ineffective; the technology sector alone represented 45% of all network-layer attacks, up from under 9% in 2024.
• Hacktivist group NoName057(16) claimed a record 4,693 attacks, with Europe absorbing 48% of all claimed activity; security leaders need to shift from reactive to proactive DDoS defense with automated, AI-aware detection that can respond before sub-minute attacks complete.

WEF Global Cybersecurity Outlook 2026: CEO and CISO Risk Priorities Diverge as AI Threats Rise

• CEO priorities shifted significantly in 2026, with cyber-enabled fraud and phishing replacing ransomware as the top concern, while AI vulnerabilities emerged second; CISOs maintained focus on ransomware (#1) and supply chain disruption (#2), revealing a growing perception gap between business leaders and security teams.
• Among highly resilient organizations, CEOs rank AI vulnerabilities as their top risk, while CEOs of insufficiently resilient organizations remain focused on fraud, suggesting that security maturity directly shapes how leadership perceives emerging threats.
• The report highlights a widening cyber equity gap between organizations that are resilient and those that are not, with 87% of respondents identifying AI-related vulnerabilities as the fastest-growing risk category across the global threat landscape.

AI Agents Solve 9 of 10 Web Hacking Challenges but Struggle with Broad Scope Testing

• Claude Sonnet 4.5, GPT-5, and Gemini 2.5 Pro successfully exploited vulnerabilities including authentication bypass, SSRF, stored XSS, and S3 bucket takeovers with costs under $10 per successful attack when given specific targets.
• The AI models failed to solve challenges requiring enumeration tools or creative pivoting, such as finding exposed secrets in GitHub repositories, demonstrating limitations in strategic thinking compared to human testers.
• Performance degraded significantly in broad scope scenarios where agents had to independently prioritize targets, with costs increasing 2-2.5 times and fewer challenges solved due to inefficient resource allocation across multiple attack surfaces.

175,000 Ollama Hosts Form Unmanaged AI Network Exposing Tool-Calling Capabilities

• SentinelLABS and Censys discovered 175,000 publicly accessible Ollama hosts across 130 countries operating outside traditional AI governance frameworks, with nearly half configured for tool-calling capabilities that enable code execution and API access.
• The infrastructure spans residential networks (56% of hosts) and cloud environments, creating attribution challenges where 16-19% of hosts resist clean identification, while a persistent backbone of 23,000 hosts generates 76% of all activity using identical quantized models.
• Security risks include resource hijacking for malicious workloads, prompt injection attacks against tool-enabled systems with retrieval capabilities, and systemic vulnerability due to ecosystem-wide convergence on the same model families and compression formats.

Group-IB Report: Weaponized AI Fuels Fifth Wave of Cybercrime

• The fifth wave of cybercrime is driven by weaponized AI that transforms once human-driven skills like persuasion and coding into scalable services accessible for as little as $30 per month, enabling even novice threat actors to launch sophisticated attacks.
• Dark web discussions about AI abuse increased by 371% between 2019 and 2025, with underground marketplaces now offering subscription-based services including DarkLLMs, deepfake-as-a-service, and AI-powered phishing automation tools that mimic legitimate SaaS business models.
• Criminal ecosystems have evolved to include AI-enhanced malware, synthetic identity creation, and autonomous attack workflows that compress the entire attack lifecycle from reconnaissance to persistence, making cybercrime cheaper, faster, and harder to trace than ever before.

Claroty Raises $150 Million in Series F Funding at $3 Billion Valuation

• The cyber-physical systems security company secured $150 million in Series F funding led by Golub Growth, bringing total funding to approximately $900 million with an estimated valuation of $3 billion.
• Claroty provides comprehensive security for xIoT systems including operational technology, ICS, IoT, and IIoT with capabilities spanning asset visibility, exposure management, network protection, and threat detection.
• The company is positioning for a potential IPO as early as 2027, with CEO Yaniv Vardi indicating they have entered final preparation stages with recent leadership hires and projected path to profitability.

Zscaler Acquires SquareX to Advance Zero Trust Browser Security

• Zscaler acquired SquareX to extend zero trust capabilities into standard browsers like Chrome and Edge through lightweight extensions, eliminating the need for third-party enterprise browsers or full agents on unmanaged devices.
• The acquisition addresses the security gaps left by legacy VPN and VDI solutions by enabling organizations to secure SaaS and private applications across any device without compromising productivity or requiring expensive infrastructure changes.
• SquareX's technology will integrate with Zscaler's Zero Trust Exchange Platform to provide precise zero trust policies that protect data and AI interactions based on each organization's specific risk profile, particularly for BYOD environments.

Proofpoint Acquires Acuvity to Deliver AI Security and Governance Across the Agentic Workspace

• Proofpoint acquired Acuvity, a pioneer in AI enterprise security and governance, to strengthen its platform with AI-native visibility, governance, and runtime protection for AI and agent-driven workflows.
• The acquisition positions Proofpoint as the first cybersecurity platform to comprehensively address agentic workspace protection at the intersections of humans, data, and AI agents working collaboratively.
• Acuvity brings new control points and detection models purpose-built for the AI era, delivering comprehensive visibility and enforcement across AI usage from endpoints and web browsers to emerging AI infrastructure such as Model Context Protocol servers.

Whiteswan Platform

Identity-first security platform that consolidates PAM, ZTNA, and ITDR under Zero Trust principles with just-in-time access controls. Also secures AI agents and non-human identities through an MCP gateway, bridging traditional IAM with the emerging agentic AI access challenge highlighted by this week's Proofpoint-Acuvity and Check Point-Cyata acquisitions.

Saidot AI Governance Platform

SaaS governance platform for managing AI system risk, compliance, and EU AI Act requirements using a knowledge graph that connects risks, policies, models, and evaluations. Features an Agent Catalogue for governing AI agents deployed across organizations, directly relevant as the WEF report flags 87% of leaders identifying AI vulnerabilities as the fastest-growing risk.

MCP Gateway

NeuralTrust's security layer between AI agents and the tools they access, enforcing role-based access controls, tracking which LLMs invoke which tools, and preventing unauthorized tool use at sub-10ms latency. Relevant as Model Context Protocol adoption accelerates and organizations scramble to govern agentic AI infrastructure.

Thank you for reading this week's brief.

Whenever you're ready, there are three ways I can help you:

Get your cybersecurity product in front of 15,000 cybersecurity professionals on CybersecTools.

Position your product to sell to CISOs correctly. Positioning Advisory.

Get deep market intelligence on your company, competitors and the whole industry. Sign Up for Waitlist.

Talk to you in the next one.

Nikoloz

Meanwhile, Proofpoint, Zscaler, and CrowdStrike all made AI-adjacent acquisitions this same week. The land grab for agentic AI security is on.

Top 3 This Week

• BeyondTrust CVSS 9.9 flaw exploited within 24 hours of PoC release - One threat actor is behind 83% of attacks, and CISA added it to the KEV catalog on the same day
• Claude Opus 4.6 discovers 500+ zero-day vulnerabilities in open source projects - Anthropic's newest model found high-severity bugs in codebases that survived decades of automated testing, forcing a rethink of disclosure timelines
• Check Point spends $340M on four acquisitions in 60 days - AI security, exposure management, and MSP workspace all targeted as the legacy firewall giant tries to buy its next chapter

BeyondTrust Vulnerability Exploited Within 24 Hours of PoC Release

• Attackers began exploiting CVE-2026-1731, a critical CVSS 9.9 vulnerability in BeyondTrust Remote Support and Privileged Remote Access, within hours of a proof-of-concept becoming available.
• A single threat actor is responsible for 83% of all observed exploitation attempts against recent Ivanti and BeyondTrust vulnerabilities, suggesting a highly organized operation focused on remote access infrastructure.
• CISA added the flaw to its Known Exploited Vulnerabilities catalog on the same day, requiring federal agencies to patch immediately.

Why this matters:
Remote access tools sit at the trust boundary of enterprise networks. When a CVSS 9.9 goes from PoC to active exploitation in under 24 hours, your patch SLA is the only thing between you and compromise. If your remote access infrastructure isn't on a 24-hour emergency patch cycle, it should be.

300+ Malicious Chrome Extensions Caught Stealing Data from 37 Million Users

• Researchers identified over 300 malicious Chrome extensions with a combined 37 million installations that disguised themselves as AI assistants, ad blockers, and productivity tools while harvesting browsing history, credentials, and session tokens.
• The extensions used injected iframes and background scripts to hijack accounts on platforms including VKontakte, steal API keys from emails, and exfiltrate business data, with some specifically targeting enterprise users.
• Google has begun removing the extensions from the Chrome Web Store, but the scale of the campaign, spanning at least 30 distinct malware families, points to a coordinated ecosystem rather than isolated incidents.

Why this matters:
Browser extensions operate with broad permissions that most users never review. For security teams, this is a reminder that extension governance belongs in your endpoint policy, not just your IT hygiene checklist. Block unsigned extensions, whitelist what you need, and audit the rest.

Dutch Carrier Odido Discloses Data Breach Impacting 6.2 Million Customers

• Netherlands-based telecom provider Odido (formerly T-Mobile Netherlands) confirmed a breach of its contact management system exposing personal data of 6.2 million customers, including names, addresses, phone numbers, and dates of birth.
• The breach did not involve financial data or passwords, but the volume of exposed PII creates significant phishing and social engineering risk for affected customers across the Netherlands.
• Dutch regulators are investigating. Odido has notified affected customers and implemented additional access controls on the compromised system.

Why this matters:
6.2 million records in a country of 17 million means roughly one in three Dutch residents is affected. For CISOs operating in the EU, this is another data point for board conversations about the real cost of contact system security and GDPR exposure.

CISA Set to Furlough Most of Its Workforce Under DHS Shutdown

• The Cybersecurity and Infrastructure Security Agency is preparing to furlough the majority of its staff if the Department of Homeland Security faces a government shutdown, leaving critical cybersecurity coordination functions severely understaffed.
• Essential functions like active incident response and critical infrastructure protection would continue with a skeleton crew, but proactive programs including vulnerability disclosure, threat intelligence sharing, and security assessments would halt.
• The timing is particularly concerning given active exploitation of multiple critical vulnerabilities and ongoing nation-state campaigns targeting federal and critical infrastructure networks.

What this means:
Whether or not the shutdown happens, the fact that federal cybersecurity coordination hinges on funding negotiations should concern every CISO in critical infrastructure. If you rely on CISA advisories, KEV catalog updates, or their incident coordination, have a backup plan. Diversify your threat intelligence sources now, not when the lights go off.

Munich Security Conference: Cyber Threats Lead G7 Risk Index

• The 2026 Munich Security Index ranks cyberattacks as the top risk across all G7 nations, overtaking traditional geopolitical threats for the first time in the index's history.
• The report highlights that state-backed actors from China, Iran, Russia, and North Korea are running coordinated operations against defense industrial base targets, with Google's threat intelligence group documenting linked campaigns across multiple sectors.
• EU officials used the conference to warn that adversaries are rehearsing digital sieges against critical infrastructure, with Taiwan specifically flagging Chinese rehearsal operations.

What this means:
Cyber risk at the top of the G7 index isn't just an academic ranking. It changes how boards think about security investment. If your executive team still treats cybersecurity as an IT cost center, this is the external validation to reframe it as enterprise risk management.

CyberArk Survey Reveals 75% of Organizations Overconfident in Privilege Management

• 75% of organizations believe they're future-ready but continue relying on outdated privilege models, with 91% still using standing privileged access and 99% failing to eliminate it entirely.
• Shadow privilege remains a persistent problem with 54% of organizations discovering unmanaged privileged accounts weekly, while 88% use multiple identity platforms creating operational blind spots.
• Only 33% of organizations have established policies for AI identities or AI agent access, highlighting a critical governance gap as artificial intelligence adoption accelerates across enterprises.

What this means:
The gap between confidence and reality in privilege management is a red flag for every security program. Standing access is the gift that keeps giving to attackers, and the AI identity gap is about to get worse. If your PAM strategy doesn't account for non-human identities and AI agents, you're building your access model on assumptions that expired six months ago.

Claude Opus 4.6 Discovers 500+ Zero-Day Vulnerabilities in Open Source Projects

• Anthropic's new Claude Opus 4.6 model found over 500 high-severity vulnerabilities in well-tested open source codebases without specialized tooling, using human-like reasoning to analyze Git commit histories and identify patterns rather than traditional fuzzing methods.
• The AI model successfully discovered zero-day vulnerabilities in projects like GhostScript, OpenSC, and CGIF that had remained undetected for decades despite millions of hours of automated testing, demonstrating superior analysis capabilities for complex memory corruption issues.
• Anthropic has implemented new cyber-specific detection probes and enforcement workflows to prevent misuse while contributing validated patches to maintainers, warning that existing 90-day disclosure windows may need adjustment for the speed and volume of AI-discovered bugs.

The implication:
The offensive-defensive balance just shifted. If one AI model can find 500+ zero-days in mature codebases, the question isn't whether attackers will use similar capabilities. They already are. The 90-day disclosure window was designed for human researchers finding bugs one at a time. When AI finds them by the hundreds, the entire coordinated disclosure framework needs rethinking.

Claude AI Artifacts Abused to Push Mac Infostealers via ClickFix Attacks

• Threat actors are using Anthropic's Claude to generate malicious web pages through the Artifacts feature, then promoting these pages via Google Ads to target macOS users with infostealer malware.
• The attack chain uses ClickFix social engineering, tricking users into copying and executing terminal commands that download and install credential-stealing malware on their machines.
• This represents a new abuse vector where legitimate AI coding tools are weaponized to rapidly generate convincing phishing infrastructure at scale, lowering the barrier for creating targeted attack campaigns.

The implication:
AI tools are becoming infrastructure for attackers, not just targets. The speed at which threat actors can generate convincing malicious pages using legitimate AI platforms means traditional URL reputation and blocklist approaches will fall further behind. Behavioral detection at the endpoint is becoming the critical last line.

AI Agents Solve 9 of 10 Web Hacking Challenges but Struggle with Broad Scope Testing

• Claude Sonnet 4.5, GPT-5, and Gemini 2.5 Pro successfully exploited vulnerabilities including authentication bypass, SSRF, stored XSS, and S3 bucket takeovers with costs under $10 per successful attack when given specific targets.
• The AI models failed to solve challenges requiring enumeration tools or creative pivoting, such as finding exposed secrets in GitHub repositories, demonstrating limitations in strategic thinking compared to human testers.
• Performance degraded significantly in broad scope scenarios where agents had to independently prioritize targets, with costs increasing 2-2.5 times and fewer challenges solved due to inefficient resource allocation across multiple attack surfaces.

The implication:
AI agents are already effective at targeted exploitation but can't replace human pentesters for strategic thinking. The cost curve is what matters here: under $10 per successful exploit means automated vulnerability scanning at scale is becoming trivially cheap. Security teams should assume that every known vulnerability class will be tested against their infrastructure continuously and affordably.

Check Point Acquires Three Israeli Startups for $150M Alongside Strong Earnings

• Check Point acquired Cyata (AI agent security), Cyclops (exposure management, $85M), and Rotate (MSP workspace) for a combined ~$150 million, adding to the $190 million Lakera AI acquisition from Q4 2025.
• Q4 2025 results showed $745 million in revenue (up 6% YoY), with security subscription revenue growing 11% to $325 million and non-GAAP EPS beating estimates at $3.40 versus $2.77 consensus.
• CEO Nadav Zafrir outlined four strategic pillars for 2026: hybrid mesh, workspace, exposure management, and AI security, with the acquisitions expected to cause ~0.5 points of operating margin dilution.

The signal:
Four acquisitions totaling $340M in 60 days tells you where Check Point thinks the growth is: AI security and CTEM. The Cyclops deal at $85M for a company with ~$6.4M in funding is a 13x return for early investors. For cybersecurity startups in exposure management or AI governance, the acquisition market is hot. For Check Point investors, the question is whether buying growth works when organic revenue growth is only 6%.

Zscaler Acquires SquareX for Browser-Native Zero Trust Security

• Zscaler acquired browser security firm SquareX to extend Zero Trust protection directly into standard browsers like Chrome and Edge, eliminating the need for third-party enterprise browsers.
• SquareX's "Browser Detection and Response" technology runs as a lightweight extension that detects malicious extensions, enforces least-privilege application access, and prevents data leakage from generative AI tools.
• The deal comes days after CrowdStrike announced its acquisition of Seraphic for similar browser security capabilities, signaling a competitive rush into the secure browser category.

The signal:
Gartner projects 25% of enterprises will use secure enterprise browsers by 2028. But the market is splitting: standalone browser companies like Island versus platform players like Zscaler and CrowdStrike acquiring their way in. Platform integration usually wins in enterprise. The standalone browser companies need to move fast or get absorbed.

Proofpoint Acquires Acuvity to Secure the Agentic Workspace

• Proofpoint acquired Acuvity, an AI security startup focused on visibility and governance for enterprise AI usage, including monitoring how employees and autonomous agents interact with external AI services and internal models.
• Acuvity's platform covers the full range of AI infrastructure from endpoints and browsers to Model Context Protocol (MCP) servers and locally installed AI tools, providing detection models that understand context and intent rather than just pattern matching.
• Proofpoint's CSO Ryan Kalember framed the shift clearly: CISOs have moved from worrying about prompt injection to needing to understand what AI agents are actually doing across the organization.

The signal:
This is the third major AI security acquisition this week alongside Check Point's Cyata deal and Zscaler's SquareX buy. The message from enterprise security platforms is clear: AI governance is no longer a feature request, it's an acquisition target. The shadow AI problem just became a board-level priority, and the startups building visibility into agentic behavior are getting acquired before they can scale independently.

SquareX Browser Detection and Response

Browser-native security extension that detects malicious extensions, prevents AI data leakage, and enforces Zero Trust policies directly in Chrome and Edge. Relevant this week as Zscaler acquired SquareX to extend its platform into browser security.

Menlo Security Secure Enterprise Browser

Cloud-based secure browser platform that isolates web content and applies DLP controls. With Zscaler and CrowdStrike both acquiring browser security companies this week, the secure browser category is consolidating fast.

TestSavant AI Security Assurance Platform

AI model testing and security assurance platform for organizations deploying machine learning in production. Relevant as Proofpoint's Acuvity acquisition and Check Point's Cyata deal signal growing enterprise demand for AI governance tooling.

The M&A pace in cybersecurity is accelerating, and the categories getting acquired tell you where the market is heading: AI security, browser security, and exposure management. If you're building in or buying from these categories, the landscape is shifting under your feet.

For cybersecurity companies: track your competitive landscape across 10,000+ products on CybersecTools.

Nikoloz

In this week's analysis:

• VMware ESXi Ransomware Exploitation: CISA confirmed ransomware gangs are actively exploiting a high-severity ESXi sandbox escape flaw that's been a zero-day since at least February 2024. Action: If you haven't patched CVE-2025-22225 across ESXi, Fusion, and Cloud Foundation, treat this as your top priority this week - attackers already have a head start.
• Near-Perfect Prompt Injection Attacks on LLMs: Researchers showed that black-box prompt injection can achieve near-100% malicious content retrieval across major embedding models, coercing GPT-4o into exfiltrating SSH keys for as little as $0.21 per query. So What: If you're deploying RAG or multi-agent systems in production, existing defenses are not enough - start evaluating retrieval-layer controls and assume this attack surface will only grow.
• Indurex Launches for Cyber-Physical Security: A new startup from the former Applied Risk founder emerged from stealth with a platform unifying cyber, process, and safety context for industrial environments. Strategy: For security vendors eyeing OT and critical infrastructure, this signals growing demand for converged visibility platforms - fragmented tooling in these environments is becoming a real market gap to fill.

Threats

CISA Confirms VMware ESXi Vulnerability Exploited In Ransomware Attacks

• I've confirmed that ransomware gangs are now actively exploiting CVE-2025-22225, a high-severity VMware ESXi sandbox escape vulnerability that has been used in zero-day attacks since at least February 2024.

• The vulnerability allows attackers with privileged access to trigger an arbitrary kernel write leading to sandbox escape, affecting multiple VMware products including ESXi, Fusion, Cloud Foundation, and vSphere.

• CISA has updated its Known Exploited Vulnerabilities catalog to specifically flag this flaw as being used in ransomware campaigns, though federal agencies were already required to patch by March 25, 2025 under BOD 22-01.

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

• OpenClaw has partnered with Google-owned VirusTotal to scan all skills uploaded to ClawHub marketplace using SHA-256 hashes and Code Insight capability, automatically approving benign skills while flagging suspicious ones and blocking malicious content.

• Recent security research has uncovered hundreds of malicious skills on ClawHub that masquerade as legitimate tools but harbor functionality to exfiltrate data, inject backdoors, or install stealer malware through cleverly concealed prompt injection payloads.

• The platform faces significant security challenges including cleartext credential storage, ineffective guardrails against prompt injection attacks, and over 30,000 exposed instances accessible over the internet, prompting China's Ministry of Industry and Information Technology to issue security warnings.

Rapid7 Discovers Chrysalis Backdoor Used by Lotus Blossom APT

• Rapid7 uncovered a sophisticated campaign by Chinese APT group Lotus Blossom that compromised Notepad++ infrastructure to deliver a previously unknown custom backdoor called Chrysalis, which features extensive command and control capabilities including file transfer, remote shell access, and comprehensive system reconnaissance.

• The attack chain leverages DLL sideloading using a renamed Bitdefender Submission Wizard to load malicious log.dll, which then decrypts and executes shellcode that deploys the main Chrysalis backdoor with RC4 encryption and custom API hashing to evade detection.

• Additional forensic analysis revealed the threat actors also deployed Cobalt Strike beacons through multiple loader variants, including one that abuses Microsoft Warbird code protection framework via undocumented NtQuerySystemInformation system calls for stealthy shellcode execution.

Leadership Insights

Action1 Releases 2025-2026 Education Cybersecurity Report Showing Declining Confidence Despite Increased Investment

• School IT leaders are reassessing their cybersecurity readiness more realistically, with 66% rating their maturity as moderate while confidence in being highly prepared dropped from 30% to 18%, reflecting better understanding of today's complex threat landscape.

• Nearly 89% of schools experienced at least one cyber incident in the past year, with phishing attacks being the most common (84%), followed by malware infections (22%) and unauthorized access (15%), while only 3% reported ransomware incidents.

• Despite 38% of schools increasing cybersecurity budgets and more allocating 21-30% of IT spending to security, 74% still operate without a dedicated cybersecurity specialist and 92% expect AI-powered phishing to be the most dangerous threat in the coming year.

StrongestLayer Report Shows 2,042 Advanced Email Threats Bypassed Microsoft E3/E5 and Leading SEGs

• Analysis of Q3-Q4 2025 threats reveals that 77% of attacks impersonated business-critical brands like DocuSign, Microsoft, and Google Calendar, exploiting platforms too operationally critical to block without halting business operations.

• Despite 77% of attacks having failed authentication (SPF/DKIM/DMARC), they still reached inboxes due to DMARC enforcement gaps, while 17 attacks that passed all authentication checks prove that validation confirms infrastructure origin, not malicious intent.

• Approximately 45% of sophisticated attacks showed AI-assistance markers with projections reaching 75-95% within 18 months, creating unique variants that share only 12-18% similarity and bypass traditional pattern-matching detection methods.

Netskope Cloud and Threat Report: 2026 Reveals Major Cybersecurity Trends

• The report reveals a massive surge in generative AI usage, with the number of users tripling and data prompts to AI apps increasing sixfold, while data policy violations doubled to an average of 223 incidents per month as employees send sensitive source code, regulated data, and intellectual property to AI platforms.

• Personal cloud apps continue to pose significant insider threat risks, with 60% of insider threat incidents involving personal app instances and 31% of users uploading data to these platforms monthly, representing more than double the number interacting with AI apps.

• Despite improvements in user awareness, phishing remains persistent with 87 out of every 10,000 users clicking malicious links monthly, while attackers increasingly abuse trusted channels like GitHub, OneDrive, and Google Drive to distribute malware to organizations.

AI & Security

Researchers Develop Black-Box Attack Method That Achieves Near-Perfect Retrieval of Malicious Content in LLM Systems

• Researchers demonstrated that indirect prompt injection attacks can achieve near-100% retrieval rates across 11 benchmarks and 8 embedding models by decomposing malicious content into trigger and attack fragments, with a single poisoned email successfully coercing GPT-4o into exfiltrating SSH keys in over 80% of trials.

• The attack uses a black-box optimization algorithm requiring only API access to embedding models, costs as little as $0.21 per target query on OpenAI's embedding models, and works across both RAG and multi-agent systems without requiring knowledge of corpus contents or model parameters.

• Evaluation of existing defenses found them insufficient to prevent retrieval of malicious text, with the vulnerability persisting across different model architectures, parameter scales, and proprietary services, establishing retrieval as a critical open vulnerability in LLM systems.

MoltBot AI Agent Raises Security Concerns With Plain Text Storage and Unrestricted Access

• MoltBot, an open-source AI agent, stores sensitive data including API keys, memory files, and session logs in plain text files on local machines, making them easy targets for infostealers that scrape common directories.

• The agent operates with deep system access and autonomous capabilities, creating security risks because traditional app security models break down when dealing with adaptive and non-deterministic AI behavior that changes over time.

• 1Password proposes a mediation layer approach where agents receive time-bound, revocable access through identity management rather than long-lived tokens, enabling continuous runtime access control and audit trails.

Operation Bizarre Bazaar: First Attributed LLMjacking Campaign with Commercial Marketplace Monetization

• Pillar Security uncovered a systematic LLMjacking campaign targeting exposed AI infrastructure, capturing 35,000 attack sessions between December 2025 and January 2026 across three interconnected threat actors operating a complete criminal supply chain.

• The operation involves a threat actor "Hecker" running silver.inc, a commercial marketplace that resells unauthorized access to 30+ LLM providers at 40-60% discounts while exploiting exposed Ollama instances, unauthenticated vLLM servers, and accessible MCP endpoints.

• Organizations face risks beyond compute theft including data exfiltration from LLM context windows, lateral movement through compromised Model Context Protocol servers, and supply chain compromise affecting file systems, databases, and internal APIs.

Market Intelligence

Mesh Security Raises $12 Million for CSMA Platform

• The Series A funding round was led by Lobby Capital, bringing Mesh Security's total funding to over $16 million since its 2022 founding.

• Mesh's platform operationalizes CSMA by sitting above existing security stacks to unify fragmented tools into a single interoperable system without disrupting current investments.

• The company will use the investment to advance autonomous agentic capabilities for cross-domain attack paths and scale sales and customer support operations.

AiStrike Raises $7 Million in Seed Funding for AI-Native Cyber Defense Platform

• The startup secured $7 million in seed funding led by Blumberg Capital, with participation from Runtime Ventures, Oregon Venture Fund, and angel investors to scale its AI-native cyber defense platform.

• AiStrike offers Agentic Cyber Defense-as-a-Service (ACDaaS) that unifies exposure analysis, threat intelligence, detection, investigation, and response using AI agents across the security operations lifecycle.

• The platform uses a federated model designed to reduce latency and eliminate cost overhead while continuously hunting threats, analyzing risks, and driving preventive action before incidents occur.

Indurex Emerges From Stealth to Close Security Gap in Cyber-Physical Systems

• Netherlands-based startup Indurex has launched from stealth mode with an AI-powered platform that ingests and correlates data from multiple sources across the cyber-physical stack, focusing on industrial historians, instrumentation and asset management systems, and OT network data.

• The company was founded by Jalal Bouhdada, former founder of industrial cybersecurity firm Applied Risk which was acquired by DNV in 2021, and is currently preparing a pre-seed funding round while remaining bootstrapped.

• Indurex's platform unifies cyber, process, and safety context into a single operational view for utilities, energy operators, and data centers, using adaptive risk scoring to replace fragmented tools and reduce alert noise in critical infrastructure environments.

Security Stack

Onspring OMB A-123 Risk & Controls Management

Federal agency GRC platform for OMB A-123 compliance and internal controls

AppOmni Salesforce Security

SSPM solution for Salesforce security posture management and threat detection

Cayosoft Guardian Protector™

Hybrid AD and Entra ID mgmt, monitoring, and recovery platform

Thank you for reading this week's brief.

If you found this brief valuable, please forward it to one peer who is currently building or securing a B2B startup.

I’m constantly refining this intelligence for you. Was this week's market analysis useful?

Just hit Reply and let me know, I read every message.

P.S. Whenever you’re ready, there are two ways I can help you:

1. Founders: Need a Fractional CISO to unblock enterprise deals or lead your cybersecurity maturity journey? Book a Discovery Call
2. Vendors: Want to get your product in front of 15k+ security researchers on CybersecTools? Submit Your Product

Talk to you in the next one.

Nikoloz

In this week's analysis:

• Phishing Gets Cloud-Native: Attackers are now using GitHub for scripts and Dropbox for malware delivery, making takedowns nearly impossible. Action: Enable Tamper Protection on all endpoints and monitor for suspicious PowerShell execution with GitHub/Dropbox traffic patterns.
• Prevention is Dead: 65% of CISOs have shifted focus to cyber resilience as recovery strategies, with zero achieving same-day recovery from incidents. Strategy: Start building your incident response muscle memory now - downtime costs are becoming the primary business risk metric.
• $28B Automotive Security Gold Rush: UN regulations are forcing security into every vehicle layer, creating a massive market opportunity as cars become computers on wheels. Business Opportunity: Consider partnerships with established players like Infineon or VicOne who are consolidating this space through acquisitions.

Multi-Stage Phishing Campaign Delivers Amnesia RAT and Ransomware via GitHub and Dropbox

• A sophisticated phishing campaign targeting Russian organizations leverages business-themed documents to deploy Amnesia RAT and ransomware while abusing defendnot to disable Microsoft Defender, and uses GitHub for script distribution and Dropbox for binary payloads to complicate takedown efforts and improve campaign resilience.

• This attack demonstrates how adversaries achieve full system compromise without exploiting vulnerabilities, instead systematically abusing native Windows features, administrative tools, and policy enforcement mechanisms to disable endpoint defenses before deploying persistent surveillance tooling that steals credentials, cryptocurrency wallets, browser data, and enables remote control with real-time data exfiltration via Telegram.

• Security teams should enable Tamper Protection on all endpoints to prevent unauthorized changes to Defender settings, monitor for suspicious Windows Security Center API calls and Registry modifications, implement application whitelisting to block unauthorized scripts, and establish detection rules for defendnot abuse patterns and unusual PowerShell execution with extended delays between stages.

Fake Clawdbot VS Code Extension Installs ScreenConnect RAT

• Attackers published a malicious VS Code extension impersonating the popular Clawdbot AI assistant, automatically dropping weaponized ScreenConnect remote access software onto Windows machines every time VS Code starts.

• The extension functions as a legitimate AI coding assistant while silently connecting infected machines to attacker-controlled infrastructure at meeting.bulletmailer[.]net:8041, using a trojan approach that avoids detection.

• The attack includes multiple fallback mechanisms including a Rust-based DLL loader and Dropbox payload delivery, demonstrating sophisticated redundancy planning to ensure successful RAT deployment even if primary infrastructure fails.

Nike Investigates Data Breach After Extortion Gang Leaks Files

• Nike is investigating a potential data breach after an extortion group posted what appears to be stolen files from the company on their leak site.

• The threat actors claimed to have accessed Nike's systems and are demanding payment to prevent further data leaks of sensitive corporate information.

• Nike has not yet confirmed the authenticity of the leaked files or disclosed the full scope of the potential breach, while security researchers analyze the posted evidence.

CISOs Shift Focus From Prevention to Cyber Resilience as Downtime Costs Soar

• A survey of 750 CISOs reveals that 65% now prioritize cyber resilience over traditional prevention methods, with 72% confirming their role has evolved to include leading business continuity recovery following security incidents.

• 55% of organizations experienced a cyberattack or ransomware infection in the past 12 months that rendered endpoint devices inoperable, with not a single CISO able to achieve full recovery within one day.

• The majority of CISOs (53%) expect their organizations to face significant and costly downtime in the next 12-18 months, with 59% expressing personal concern about job loss or legal liability from security incidents.

Fastly Q3 2025 Bot Traffic Report Reveals Financial Services and Commerce Under Heavy Attack

• Headless bots heavily targeted transaction-heavy industries, with 89% of headless bot traffic focused on Financial Services (44%) and Commerce (45%) sectors, likely seeking to compromise accounts and scrape real-time pricing data.

• Organizations are increasingly blocking AI crawlers and fetchers, with 4% of all wanted bot traffic being blocked as companies question whether these bots provide actual business value amid the shift from traditional SEO to generative engine optimization.

• Meta and ChatGPT dominate AI bot traffic, accounting for 60% of all AI crawler traffic and 68% of AI fetcher traffic respectively, while "Common Headless Automation" tools represent 94% of total headless bot activity across Fastly's 6.5 trillion monthly requests.

Arkose Labs Q3 2025 Threat Report: Bot Attacks Surge While Attack Automation Services Decline

• Bot attacks dominated Q3 with 79% of malicious traffic while fake account creation remained the leading attack type at 46% of all incidents, signaling a potential shift toward agentic AI deployment at scale.

• Attack automation services declined 16% in volume but increased 6% in average attack size, while human-based fraud farm operations grew 24% quarter-over-quarter, indicating refined targeting strategies.

• Desktop devices continue to be preferred for attacks (68% vs 32% mobile) with 71% of attacks originating from Chrome browsers, while Brazil leads global attack origins excluding spoofed US traffic.

Researchers Exploit Google Gemini Using Calendar Invite Prompt Injection

• Security researchers discovered a prompt injection vulnerability that allowed attackers to embed malicious instructions in calendar event descriptions, which Google Gemini would execute when users asked routine scheduling questions.

• The attack chain involved creating a calendar invite with a hidden payload that instructed Gemini to summarize private meetings and exfiltrate this data by creating new calendar events visible to the attacker.

• This vulnerability highlights a fundamental shift in application security where attacks are semantic rather than syntactic, making traditional pattern-based defenses ineffective against AI-powered authorization bypass exploits.

Group-IB Report Reveals AI-Powered Cybercrime Economy Worth Millions

• Dark web discussions about AI abuse have surged by 371% between 2019-2025, with criminals now offering AI-powered tools like DarkLLMs and deepfake services for as little as $30 per month in subscription models that mirror legitimate SaaS businesses.

• The report identifies cybercrime's "fifth wave" where AI has industrialized attacks by turning human skills like persuasion and coding into scalable services, enabling even novice actors to launch sophisticated campaigns that were previously limited to advanced threat groups.

• APT groups including APT28, APT35, and Lazarus are now integrating AI into their operations, while new attack vectors emerge including AI-generated synthetic identities that have infiltrated over 300 companies and caused $347 million in verified deepfake fraud losses.

Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware

• A sophisticated phishing campaign is hitting Russian organizations with a multi-stage attack that deploys Amnesia RAT and ransomware, leveraging GitHub for scripts and Dropbox for binaries while abusing the defendnot tool to disable Microsoft Defender before deploying surveillance and destructive payloads.

• This attack demonstrates how adversaries are weaponizing legitimate cloud services and open-source security tools to evade detection and complicate takedown efforts, with the campaign achieving full system compromise without exploiting any software vulnerabilities by systematically abusing native Windows features and policy enforcement mechanisms.

• Security teams should enable Tamper Protection on endpoints to prevent unauthorized changes to Defender settings, monitor for suspicious API calls to Windows Security Center, implement application control policies to block unauthorized PowerShell execution, and establish behavioral detection rules for defendnot abuse and unusual GitHub/Dropbox traffic patterns from endpoints.

Automotive Cybersecurity Market Set to Hit $28 Billion by 2036 as Regulators and SDVs Force Security Into Every Layer

• The automotive cybersecurity market is projected to grow from $4.4 billion in 2026 to $28.1 billion by 2036 at a 20.4% CAGR, driven by mandatory UN R155/R156 regulations that transform vehicle security from optional to a type-approval requirement across Europe, Asia, and Latin America, while software-defined vehicles and OTA updates multiply attack surfaces across embedded ECUs, cloud platforms, and sensor fusion systems.

• This isn't just about protecting cars anymore, it's about protecting entire ecosystems where tariffs are forcing localized secure hardware development in the US, high-profile cyber incidents are pushing adoption of in-vehicle and cloud-based SOCs, and OEMs must now secure everything from APIs to telematics as part of integrated defense strategies that cover the full vehicle lifecycle from design to decommissioning.

• Consider evaluating partnerships with established players like Infineon, NXP, Argus, or VicOne who are actively consolidating the market through acquisitions and regional partnerships, assess whether your product roadmap addresses both regulatory compliance and the expanded attack surface of connected vehicles, and explore positioning around secure-by-design architectures that can serve both cost-conscious OEMs facing tariff pressures and premium manufacturers requiring end-to-end cybersecurity governance.

Ex-Palantir Engineer Raises $40M for Cyber Startup Outtake With Microsoft CEO Backing

• Former Palantir engineer Alex Dhillon secured $40 million in Series B funding for Outtake, a cybersecurity startup that uses autonomous AI agents to detect and remove cyberthreats like phishing through email verification and other applications.

• The funding round was led by Iconiq with participation from high-profile investors including Microsoft CEO Satya Nadella, Palo Alto Networks CEO Nikesh Arora, and Palantir CTO Shyam Sankar, demonstrating strong industry confidence in AI-driven cybersecurity solutions.

• Outtake has achieved significant growth metrics including sixfold increase in annual recurring revenue year-over-year and scanning 20 million potential cyberattacks last year, with customers including OpenAI, AppLovin, and Bill Ackman's Pershing Square.

Mesh Security Raises $12M Series A to Unify Fragmented Enterprise Cyber Tools

• Mesh Security secured $12 million in Series A funding led by Lobby Capital with participation from S Ventures (SentinelOne CVC) and Bright Pixel Capital, bringing total funding to $18 million since inception in 2022.

• The platform addresses tool sprawl by unifying enterprise security tools across cloud, SaaS, and networks into a single operational system, eliminating fragmented security data and disjointed processes without vendor lock-in.

• Founded by former offensive and defensive cloud security experts Netanel Azoulay (CEO) and Omri Haring (CTO), the company employs 25 people across Palo Alto headquarters and Israel R&D center.

IONIX External Exposure Management

External attack surface mgmt platform for discovering & remediating exposures

Absolute Security Resilience

Firmware-embedded endpoint resilience platform for device recovery & security

VulnSign Dynamic Application Security Testing

DAST tool for scanning web apps, microservices, and APIs for vulnerabilities

Thank you for reading this week's brief.

If you found this brief valuable, please forward it to one peer who is currently building or securing a B2B startup.

I’m constantly refining this intelligence for you. Was this week's market analysis useful?

Just hit Reply and let me know, I read every message.

P.S. Whenever you’re ready, there are two ways I can help you:

1. Founders: Need a Fractional CISO to unblock enterprise deals or lead your cybersecurity maturity journey? Book a Discovery Call
2. Vendors: Want to get your product in front of 15k+ security researchers on CybersecTools? Submit Your Product

Talk to you in the next one.

Nikoloz

In this week's brief:

• Palo Alto Networks Emergency Patch: Critical DoS vulnerability allows attackers to force firewalls into maintenance mode, disabling protections entirely. Action: Patch immediately - 6,000 exposed systems are sitting ducks for coordinated attacks.
• Healthcare Email Certificate Crisis: 4% of healthcare email connections use unverifiable certificates while cloud platforms prioritize delivery over security. Risk: Your PHI transmissions may be flying blind through compromised channels without you knowing it.
• Infoblox-Axur Acquisition: Security consolidation continues as network security meets external threat disruption. Strategy: The market is rewarding platform plays over point solutions - time to evaluate your integration roadmap.

A quick note before we dive in.

Strategic Intelligence

Palo Alto Networks Patches High-Severity DoS Bug That Could Disable Firewall Protections

• CVE-2026-0227 allows unauthenticated attackers to trigger denial-of-service conditions that force next-generation firewalls running PAN-OS 10.1 or later into maintenance mode, effectively disabling firewall protections.

• The vulnerability affects firewalls and Prisma Access configurations when GlobalProtect gateway or portal is enabled, with most cloud-based instances already patched and remaining customers scheduled for upgrades.

• Security updates are available for all affected versions, while approximately 6,000 Palo Alto Networks firewalls remain exposed online according to Shadowserver tracking data.

Healthcare's Email Security Certificate Crisis Exposes Millions of PHI Messages to Risk

• Paubox analysis of 803,378 healthcare email connections found that 4% went to servers with unverifiable certificates, including expired and self-signed certificates that cannot validate server identity.

• Cloud email platforms like Microsoft 365 and Google Workspace prioritize deliverability over security by accepting invalid certificates and delivering messages anyway, creating hidden compliance gaps that organizations rarely detect.

• Up to 19 million healthcare email addresses are at risk due to certificate failures across the vendor ecosystem, with business associates using outdated mail servers that present invalid certificates while handling PHI transmissions.

Arctic Wolf Observes Malicious Configuration Changes On Fortinet FortiGate Devices via SSO Accounts

• Arctic Wolf detected automated attacks starting January 15, 2026, where threat actors exploited SSO vulnerabilities to create persistence accounts, modify VPN configurations, and exfiltrate firewall configurations from FortiGate devices.

• The attacks leverage malicious SSO logins using accounts like cloud-init@mail.io and cloud-noc@mail.io, followed by immediate configuration downloads and creation of secondary admin accounts within seconds, indicating automated behavior.

• This campaign appears related to the December 2025 FortiCloud SSO authentication bypass vulnerabilities (CVE-2025-59718 and CVE-2025-59719), though it's unclear if current patches fully address this new threat activity.

Leadership Insights

Guardz 2025 SMB Cybersecurity Report Reveals Half of Small Businesses Already Breached

• Survey of 800 SMBs shows 50% have already experienced a cyber incident, with 61% believing future cyber risk will increase, while only 34% have a professionally built incident response plan in place.

• Human error remains the top vulnerability at 45% of identified weaknesses, followed by targeted cybercriminal attacks at 43% and outdated technologies at 42%, highlighting gaps that MSPs can address.

• Organizations with formal incident response plans achieved an 80% success rate in avoiding major damage, demonstrating the critical value of preparation and creating opportunities for MSPs to provide AI-powered security services to overwhelmed SMBs.

Barracuda Report Shows 78% of Organizations Experienced Email Security Breaches in Past Year

• Phishing attacks and business email compromise affected most victims, with 71% of email breach victims also experiencing ransomware attacks during the same period, highlighting the interconnected nature of email-based threats.

• Organizations face average recovery costs of $217,068 per breach, with smaller companies (50-100 employees) paying disproportionately more at $1,946 per employee compared to $243 per employee for larger firms (1,000-2,000 employees).

• Advanced evasion techniques create the biggest obstacle to rapid incident response according to 47% of victims, while 44% cite lack of automated incident response capabilities as a major barrier to effective threat containment.

Identity Security Outlook 2026: NHI Crisis and AI Adoption Gap

• North American enterprises now manage machine-to-human identity ratios of at least 100:1, with some sectors reaching 500:1, while only 12% have automated lifecycle management creating a massive governance gap.

• While 91% of organizations are piloting or using AI in IAM operations, only 7% have achieved organization-wide deployment, revealing a 22-point optimism gap between executive expectations and current outcomes.

• 76% of firms are consolidating or evaluating vendor unification to address fragmentation issues, with one in three organizations spending more time managing vendors than privileged users.

AI & Security

1Password Addresses AI Development Security Risks Through IDE Integration

• IDEsaster research identifies 30+ vulnerabilities across AI-powered IDEs where prompt injection can manipulate agents to leak credentials through untrusted project content like documentation and configuration files.

• AI-accelerated development creates expanded attack surfaces as credentials are often hardcoded into local files or exposed to language model context for convenience, turning speed gains into persistent security risks.

• 1Password's Cursor Hooks integration enforces just-in-time secret access where credentials remain in dedicated secret managers and are only injected at runtime after explicit user approval, maintaining developer velocity while preventing credential exposure.

Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites

• Researchers discovered a prompt injection vulnerability in Google Gemini that allowed attackers to bypass calendar privacy controls by embedding malicious natural language prompts within standard calendar invites.

• When users asked Gemini innocuous questions about their schedule, the AI would parse the hidden prompt and create new calendar events containing exfiltrated private meeting data, which could then be accessed by attackers in enterprise environments.

• The attack demonstrates how AI-native features can expand the attack surface, with vulnerabilities now existing in language and AI behavior rather than just traditional code, highlighting the need for organizations to audit AI workloads and authorization controls.

Check Point Discovers First Advanced AI-Generated Malware Framework Called VoidLink

• Check Point Research documented VoidLink as the first evidence-based case of a sophisticated malware framework authored almost entirely by artificial intelligence, reaching functional status in under a week through Spec Driven Development methodology.

• The framework employs advanced technologies including eBPF and LKM rootkits with dedicated modules for cloud enumeration and post-exploitation in container environments, demonstrating capabilities previously associated with well-resourced threat groups.

• OPSEC failures by the developer exposed development artifacts showing how a single individual used AI to plan, build, and iterate complex systems at unprecedented speed, normalizing high-complexity attacks that would typically require coordinated teams.

Market Intelligence

Rapid7 Partners with ARMO to Add Cloud Runtime Security to Command Platform

• Rapid7 has announced a strategic partnership with ARMO to integrate Cloud Application Detection & Response (CADR) capabilities into the Rapid7 Command Platform, providing real-time threat detection across cloud assets and workloads.

• The integration enables security teams to detect active threats in real time, correlate runtime events with misconfigurations and vulnerabilities, and respond instantly by isolating compromised workloads or terminating malicious processes.

• The new capability supports AWS, Azure, and multicloud environments as part of Exposure Command Ultimate, allowing organizations to move from reactive defense to preemptive response against modern cloud attacks.

Infoblox Acquires Axur to Expand Preemptive Security Against External Threats

• Infoblox plans to acquire Axur, a provider of AI-powered security solutions, to enhance its preemptive security capabilities against brand abuse, credential exposure, and external digital threats beyond traditional network perimeters.

• Axur's automated threat detection platform can notify phishing detections for takedown in under four minutes and achieves nearly 99 percent takedown success rates, using AI to discover, validate, and remove malicious infrastructure before it can be weaponized.

• The acquisition is expected to close in Spring 2026 subject to regulatory approvals, combining Infoblox's DNS-layer blocking capabilities with Axur's external threat disruption to reduce median attack uptime from days to hours.

Monnai Raises $12 Million for Identity and Risk Data Infrastructure

• California-based Monnai secured $12 million in funding led by Motive Partners, bringing total investment to $23 million for its AI-powered identity and risk data infrastructure that serves e-commerce, financial services, and fintech companies.

• The company processes tens of millions of transactions monthly through ultra-low-latency risk signals that help organizations with fraud prevention, streamline customer onboarding, and enable real-time credit decisioning using AI-based models.

• Monnai plans to use the investment to expand into Europe and Latin America while enhancing its core data infrastructure and growing its engineering and go-to-market teams to accelerate adoption among financial institutions and digital businesses.

Security Stack

Kiteworks HIPAA Compliance

HIPAA-compliant secure file sharing and collaboration platform for healthcare

ThreatMon AI

AI-powered threat intelligence platform with search, risk assessment & alerts

ZeroFox

External threat intelligence platform for surface, deep, and dark web monitoring

Thank you for reading this week's brief.

If you found this brief valuable, please forward it to one peer who is currently building or securing a B2B startup.

I’m constantly refining this intelligence for you. Was this week's market analysis useful?

Just hit Reply and let me know, I read every message.

P.S. Whenever you’re ready, there are two ways I can help you:

1. Founders: Need a Fractional CISO to unblock enterprise deals or lead your cybersecurity maturity journey? Book a Discovery Call
2. Vendors: Want to get your product in front of 15k+ security researchers on CybersecTools? Submit Your Product

Talk to you in the next one.

Nikoloz

In this week's analysis:

• AWS SDK Supply Chain (CodeBreach): Researchers found a way to compromise the JavaScript SDK powering 66% of cloud environments. Action: Review your GitHub ACTOR_ID filters and regex patterns in CI/CD pipelines before someone else finds your gaps.
• AI Attack Explosion: Daily cyberattacks jumped from 2.3 million to 9 million in one year thanks to AI tools making attacks faster and easier. Reality Check: Your security team is now racing against AI-powered adversaries who can breach systems in 25 minutes instead of 44 days.
• CrowdStrike Buys Seraphic: The endpoint giant is moving into browser security, signaling the platform consolidation trend is accelerating. Strategic Insight: Security vendors who don't evolve into unified platforms will get squeezed out as customers demand fewer vendors, not more tools.

Strategic Intelligence

Wiz Research Discovers CodeBreach Vulnerability That Could Have Compromised AWS JavaScript SDK Supply Chain

• A flaw in AWS CodeBuild authentication controls created systemic supply chain risk, where compromise of a single CI/CD pipeline could have cascaded into widespread customer impact through the AWS Console and SDKs used across the enterprise cloud ecosystem.

• The vulnerability enabled unauthenticated privilege escalation, allowing attackers to steal GitHub credentials and potentially inject malicious code into trusted software dependencies, representing a high-impact scenario for software integrity, regulatory exposure, and customer trust.

• The incident highlights the need for CISO oversight of CI/CD security governance, including third-party build systems, identity validation controls, and approval gates, as cloud-native development pipelines remain a prime target for nation-state and criminal actors.

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

• The volume and severity of vulnerabilities underscore persistent endpoint risk across enterprise Windows environments, reinforcing the importance of disciplined patch governance and executive visibility into remediation timelines.

• The actively exploited Desktop Window Manager flaw demonstrates how low-level information disclosure can be weaponized to bypass modern defenses, increasing the likelihood of ransomware, espionage, or lateral movement attacks if left unpatched.

• Secure Boot and driver-related fixes highlight firmware and trust-chain weaknesses that CISOs must factor into risk assessments, especially for regulated industries relying on device integrity assurances.

Data Broker Exposes 45 Million French Records in Aggregated Database

• The aggregation of multiple breach datasets into a single exposed repository illustrates the long-tail risk of third-party data brokers, where legacy incidents continue to amplify impact years after initial compromise.

• The combination of healthcare, financial, and government registry data represents high regulatory and reputational risk, particularly under GDPR, with downstream consequences for organizations whose data feeds such ecosystems.

• This incident reinforces the need for CISO-led data lifecycle and vendor risk management, including strict data minimization, contractual controls, and monitoring of how organizational data may be resold or recombined by external entities.

In this week's brief:

• Zestix threat actors compromised 50+ major enterprises using stolen credentials from old infostealer infections, highlighting how basic MFA gaps continue to enable massive breaches
• AI-generated code contains 1.7x more security vulnerabilities than human-written code, particularly struggling with error handling and password security implementations
• 41% of large enterprises accidentally hired fake candidates created with AI deepfakes, with nearly all organizations experiencing some form of AI impersonation attempts

A quick note before we dive in.

Industry News

Zestix Threat Actor Breaches 50+ Companies Using Stolen Credentials From Infostealer Infections

• Threat actor Zestix (alias Sentap) has compromised approximately 50 major global enterprises by exploiting credentials harvested from infostealer malware infections on employee devices, targeting ShareFile, OwnCloud, and Nextcloud platforms across aviation, defense, healthcare, and government sectors.

• The breaches occurred due to organizations failing to enforce Multi-Factor Authentication (MFA), allowing attackers to access corporate file-sharing portals using valid username and password combinations extracted from years-old infostealer logs without requiring sophisticated exploits or session hijacking techniques.

• Notable victims include Iberia Airlines (77GB of aircraft maintenance data), Intecro Robotics (11.5GB of ITAR-controlled defense blueprints), Maida Health (2.3TB of Brazilian Military Police medical records), and Pickett & Associates (139GB of critical utility infrastructure LiDAR files).

N8N Warns of Critical RCE Vulnerability with CVSS 10.0 Score

• The CVE-2026-21877 vulnerability affects both self-hosted and cloud versions of the n8n workflow automation platform, allowing authenticated users to execute untrusted code and potentially achieve full system compromise.

• Impacted versions include n8n >= 0.123.0 and < 1.121.3, with the fix available in version 1.121.3 released in November 2025, discovered by security researcher Théo Lelasseux.

• Administrators can mitigate the risk by disabling the Git node and restricting access for untrusted users if immediate patching to version 1.121.3 or later is not feasible.

BGP Route Leak Analysis: Venezuela ISP Shows Pattern of Routing Misconfigurations

• Cloudflare investigated a BGP route leak by Venezuelan ISP CANTV (AS8048) on January 2nd, finding it was likely caused by insufficient routing export policies rather than malicious intent, with the leaked routes being heavily prepended making them less attractive for traffic routing.

• Analysis revealed CANTV has experienced eleven route leak events since December, all following the same pattern of redistributing customer routes to providers, indicating systemic configuration issues rather than targeted attacks despite speculation about government surveillance capabilities.

• The incident highlights the need for better BGP security mechanisms like ASPA (Autonomous System Provider Authorization) and RFC9234 implementation, as traditional RPKI Route Origin Validation would not have prevented this path-based anomaly affecting Venezuelan telecom prefixes.

In this week's brief:

• Trust Wallet's browser extension was compromised in another Shai-Hulud supply chain attack, draining $8.5 million from over 2,500 wallets and highlighting how even established crypto platforms remain vulnerable
• Human risk incidents jumped 90% according to KnowBe4's latest study, with AI applications now the second-fastest growing attack vector as employees struggle with unauthorized AI tool usage
• The job market reality check continues as a retired military professional with 12 years of experience and a CISSP can't land interviews, reflecting broader workforce challenges many of us are witnessing

A quick note before we dive in.

A Quick note

Is Security Blocking Your Business?

Need a security leader on your team but don't need a full-time hire? Let's talk.

Book a Free Discovery Call

Industry News

Phishing Campaign Leverages Google Cloud Automation to Evade Detection

• Attackers sent 9,394 phishing emails from legitimate Google address by abusing Google Cloud's Application Integration Send Email task to impersonate routine enterprise notifications like voicemail alerts and file access requests.

• The campaign used a multi-stage redirection flow starting with trusted storage.cloud.google.com links, then filtering through fake CAPTCHAs on googleusercontent.com, before ultimately directing victims to fake Microsoft login pages hosted on non-Microsoft domains.

• Primary targets included manufacturing (19.6%), technology/SaaS (18.9%), and finance/banking/insurance (14.8%) organizations across the United States (48.6%), Asia-Pacific (20.7%), and Europe (19.8%), with the attack leveraging legitimate cloud infrastructure to bypass traditional sender reputation controls.

RondoDoX Botnet Weaponizes React2Shell Against Next.js Applications

• CloudSEK researchers discovered a nine-month RondoDoX botnet campaign that recently shifted to exploiting a critical Next.js vulnerability, deploying malicious payloads including cryptominers and the "React2Shell" backdoor through six confirmed C2 servers.

• The threat actors have conducted over 40 exploitation attempts within six days targeting Next.js Server Actions through prototype pollution attacks, while simultaneously maintaining automated campaigns against IoT devices including routers and cameras.

• The campaign demonstrates three distinct phases from March to December 2025, with attackers deploying multi-architecture binaries across x86, ARM, and MIPS systems while implementing aggressive persistence mechanisms that terminate competing malware and establish cron-based backdoors.

Trust Wallet Chrome Extension Compromised Through Shai-Hulud Supply Chain Attack, $8.5 Million Stolen

• Trust Wallet's GitHub secrets were exposed during the second iteration of the Shai-Hulud supply chain attack, allowing threat actors to gain Chrome Web Store API access and push a malicious version 2.68 of their browser extension on December 24, 2025.

• The trojanized extension contained a backdoor that harvested wallet mnemonic phrases from all configured wallets during every unlock attempt, exfiltrating the data to a domain hosted on bulletproof hosting provider Stark Industries Solutions.

• The attack resulted in $8.5 million in cryptocurrency being drained from 2,520 wallet addresses, with Trust Wallet now processing reimbursement claims while implementing additional monitoring controls to prevent future supply chain compromises.

As we wrap up 2025, I want to thank you for sticking around for Mandos Brief and reflect on this year.

In August, I embarked on a solopreneur journey focusing on two things that I always wanted to work on:

1) Advisory - using my expertise to help organizations improve their security, resilience, and enable business growth

2) Building a product - building CybersecTools into the number 1 destinations for security teams to discover cybersecurity products

The journey is never smooth and full of ups and downs, but the truth is that I love every moment I spend on these two items, learning a lot about sales, marketing, accounting (yes, even that), coding, AI agents, and, of course, catching up with the cybersecurity industry through this Brief.

There is one additional product I am working on currently to truly bring clarity to this crazy, overloaded market of cybersecurity products. This time, helping cybersecurity companies win customers and crush competition through data-based decisions they can't get anywhere else. Coming in Q1 2026, if you work for a cybersecurity company and are interested, let me know.

Wishing you and your loved ones a wonderful holiday season and all the best for 2026! 🥂

And back to the newsletter... Here is what you can expect in this brief:

• Cisco email security appliances are under active attack by UAT-9686 threat actors, with complete rebuilds being the only way to remove persistent backdoors from compromised systems
• NIST published its AI Cybersecurity Framework Profile for public comment, giving us the first structured approach to balance AI adoption with emerging security risks
• Nearly all CISOs now see hybrid infrastructure as their best bet for resilience, with 97% agreeing it beats putting all eggs in one cloud or on-premises basket

Industry News

Cisco Confirms Active Cyberattacks Against Email Security Appliances

• The UAT-9686 threat actor is actively exploiting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances that have the Spam Quarantine feature exposed to the internet, allowing root privilege command execution.

• Affected appliances show evidence of a persistence mechanism planted by attackers to maintain ongoing access, with Cisco recommending complete appliance rebuilding as the only viable option to eradicate the threat.

• The attack specifically targets appliances with both the Spam Quarantine feature enabled and exposed to the internet, assigned CVE-2025-20393 with Critical severity affecting all releases of Cisco AsyncOS Software.

MongoDB Warns Admins to Patch Severe Vulnerability Immediately

• CVE-2025-14847 is a high-severity memory-read vulnerability affecting multiple MongoDB versions that allows unauthenticated attackers to exploit the server's zlib implementation remotely without user interaction.

• The flaw stems from improper handling of length parameter inconsistency in zlib compressed protocol headers, potentially allowing attackers to read uninitialized heap memory and gather sensitive information from targeted systems.

• MongoDB strongly recommends immediately upgrading to patched versions (8.2.3, 8.0.17, 7.0.28, 6.0.27, 5.0.32, or 4.4.30) or disabling zlib compression on MongoDB servers as a temporary workaround until patches can be applied.

Fortinet Warns of Active Exploitation of CVE-2020-12812 LDAP Bypass Vulnerability

• Fortinet has observed recent exploitation of CVE-2020-12812 (FG-IR-19-283) in FortiGate devices where attackers bypass two-factor authentication by exploiting case-sensitive username handling differences between FortiGate and LDAP directories.

• The vulnerability allows attackers to authenticate using alternate case variations of usernames (e.g., "Jsmith" instead of "jsmith") which causes FortiGate to fail local user matching and fall back to LDAP group authentication, bypassing 2FA requirements entirely.

• Organizations can mitigate this issue by upgrading to FortiOS 6.0.10, 6.2.4, or 6.4.1 and setting "username-case-sensitivity disable" on all local accounts, or removing unnecessary secondary LDAP group configurations that enable the authentication bypass.

Here is what went down this week:

• GitHub token attacks are enabling attackers to move from compromised repositories directly into cloud environments, with most organizations storing cloud credentials in Action Secrets
• 83% of enterprises use AI but nearly half have little visibility into how these systems access their data, creating significant governance blind spots
• Entry-level cybersecurity jobs have become brutally competitive with salaries dropping 20-30% and Security+ certs no longer enough to land most positions

A quick note before we dive in.

A Quick note

Is Security Blocking Your Business?

Need a security leader on your team but don't need a full-time hire? Let's talk.

Book a Free Discovery Call

Industry News

GitHub PAT Attacks Enable Cross-Cloud Lateral Movement

• Attackers are leveraging compromised GitHub Personal Access Tokens to discover Action Secrets names through API code search, then creating malicious workflows to execute code and steal cloud credentials from organizations.

• Threat actors bypass GitHub's secret masking by encoding stolen credentials twice with Base64 or exfiltrating them to external webhook endpoints, allowing them to print raw secret values in Action logs for credential harvesting.

• The attack enables lateral movement from GitHub repositories directly into victim cloud environments, with 73% of organizations storing CSP credentials in GitHub Action Secrets and 45% keeping plaintext cloud keys in private repositories.

Amazon Confirms 5-Year Russian Cyberattack Campaign Targeting AWS Infrastructure

• Amazon threat intelligence has confirmed a Sandworm-linked Russian state-sponsored cyberattack campaign targeting AWS-hosted devices since 2021, focusing primarily on Western energy sector infrastructure in North America and Europe.

• The attacks exploit misconfigured customer network edge devices rather than unpatched vulnerabilities, with threat actors taking advantage of exposed management interfaces and overly permissive identities to maintain persistent access.

• Amazon's CSO separately disclosed blocking over 1,800 suspected North Korean IT workers since April 2024, who use stolen identities and laptop farms to secure remote positions and funnel earnings back to DPRK weapons programs.

Silent Whisper Vulnerability Allows Covert Tracking of WhatsApp and Signal Users

• Researchers disclosed a tracking technique that exploits delivery acknowledgments in WhatsApp and Signal, allowing attackers to monitor devices silently using only a phone number without triggering visible messages or notifications.

• The vulnerability causes significant battery drain during continuous probing, with test devices losing 14-18% battery per hour compared to normal 1% hourly consumption, while also consuming mobile data and disrupting bandwidth-heavy applications.

• A publicly available proof-of-concept tool enables probing at 50ms intervals to reveal daily routines, sleep schedules, and travel patterns through response time analysis, with the vulnerability remaining exploitable as of December 2025.

In this week's brief:

• NANOREMOTE backdoor is using Google Drive API for command and control, blending malicious traffic with legitimate cloud services in a way that's pretty clever
• Stanford researchers proved their AI agent outperformed 9 out of 10 human penetration testers in live enterprise testing, which should make us all think about where this industry is heading
• The cybersecurity job market has hit its worst point in 15 years, with seasoned professionals reporting they can't even get interviews despite strong credentials

A quick note before we dive in.

A Quick note

Is Security Blocking Your Business?

Need a security leader on your team but don't need a full-time hire? Let's talk.

Book a Free Discovery Call

Industry News

Elastic Security Labs Discovers NANOREMOTE Windows Backdoor Using Google Drive API

• Elastic Security Labs identified a fully-featured Windows backdoor called NANOREMOTE that shares code similarities with FINALDRAFT and REF7707 malware, likely developed by the same espionage threat actor for reconnaissance and data theft operations.

• The malware leverages the Google Drive API for command and control communications, enabling file transfers and payload staging through legitimate cloud services that blend with normal network traffic and evade traditional detection methods.

• NANOREMOTE features 22 command handlers providing comprehensive capabilities including system enumeration, command execution, custom PE loading using libPeConv library, and task management for file operations with pause/resume functionality.

Zscaler ThreatLabz Analyzes BlackForce Phishing Kit

• BlackForce is a new phishing kit first observed in August 2025 with five distinct versions that enables Man-in-the-Browser attacks to steal credentials and bypass MFA through real-time operator interaction.

• The kit has been used to impersonate over 11 brands including Disney, Netflix, DHL, and UPS, and is actively sold on Telegram forums for €200–€300 with sophisticated evasion techniques including ISP and security vendor blocklists.

• BlackForce evolved from a stateless to stateful architecture across versions, implementing persistent session storage and dual-channel communication that separates phishing servers from Telegram data exfiltration to ensure resilience.

MITRE Releases 2025's Top 25 Most Dangerous Software Weaknesses

• MITRE analyzed 39,080 CVE Records from June 2024 to June 2025, identifying the most critical software weaknesses that enable threat actors to compromise systems and steal data.

• Cross-Site Scripting (XSS) retains the top spot while Missing Authorization, NULL Pointer Dereference, and Missing Authentication showed the biggest upward movement in rankings.

• Six new entries joined the list including Classic Buffer Overflow, Stack-based Buffer Overflow, Heap-based Buffer Overflow, and Improper Access Control, highlighting evolving threat landscapes.

In this week's brief:

• React and Next.js applications are facing immediate exploitation risk through newly discovered RCE vulnerabilities that affect default configurations and require urgent patching
• AI agents are now capable of autonomously exploiting smart contracts for millions in profit, with their success rate doubling every 1.3 months in recent research
• Supply chain security programs are failing spectacularly, with 97% of organizations experiencing breaches despite increased spending and established TPRM initiatives

A quick note before we dive in.

A Quick note

Is Security Blocking Your Next Enterprise Deal?

Let's discuss how fractional CISO services can unlock your pipeline without the full-time overhead.

Book a Free Discovery Call

Industry News

Critical RCE Vulnerabilities Discovered in React and Next.js Server Components

• CVE-2025-55182 (React) and CVE-2025-66478 (Next.js) are critical unauthenticated remote code execution vulnerabilities affecting React Server Components through insecure deserialization in the RSC "Flight" protocol with near-100% exploitation reliability.

• Default configurations of Next.js applications created with create-next-app are immediately vulnerable, requiring only a crafted HTTP request for exploitation without any developer code changes needed.

• Wiz Research data reveals 39% of cloud environments contain vulnerable instances, with patches now available for React versions 19.0-19.2 and Next.js versions 14.3.0-canary through 16.x requiring immediate updating.

Attackers Abuse OAuth Flows to Bypass MFA and Gain Persistence in Azure Environments

• Threat actors are exploiting device code phishing to obtain access tokens while bypassing MFA checks, with less than 50% of customers implementing Conditional Access policies to block these flows.

• ROPC (Resource Owner Password Credentials) authentication is being weaponized for credential stuffing attacks, with only 0.2% of attempts blocked by CA rules despite being a legacy protocol that skips modern security controls.

• Attackers chain successful token acquisition to register devices and configure Windows Hello for Business, creating 90-day persistence through Primary Refresh Tokens that satisfy high-assurance authentication requirements.

Albiriox RAT Targets Global Financial and Cryptocurrency Applications

• Researchers discovered Albiriox, a new Android malware family offered as Malware-as-a-Service for $650-720 monthly by Russian-speaking threat actors who use VNC-based remote access and overlay attacks for on-device fraud.

• The malware targets over 400 financial applications including banks and cryptocurrency wallets through a two-stage deployment using dropper applications and social engineering lures that bypass static detection methods.

• Albiriox enables complete device takeover through accessibility services that circumvent Android's FLAG_SECURE protections, allowing attackers to perform fraudulent transactions while displaying black screen overlays to hide malicious activity.

The €20M Problem Hiding in Plain Sight

Last month, I met with a founder who had just lost a €2.4M deal to a competitor. It wasn’t because their product was worse; in fact, it was better. But when the enterprise buyer asked about their incident response plan, they were directed to AWS documentation. The competitor answered confidently and backed it up with evidence from their own security program in just five minutes.This isn't an edge case. It's the norm.I’ve looked at data from dozens of companies. Security reviews now block or delay 73% of enterprise deals over €500K. On average, deals are delayed by 10 to 12 weeks, costing about €200K per month in stalled pipeline.Still, most B2B companies treat security as just another box to check and plan to deal with it later.

Why Traditional Approaches Fail Spectacularly

Here's what typically happens when companies try to solve this themselves:

The Big 4 Consultant Route: €150K and 18 months later, you have enterprise-grade security perfect for a 1,000-person company. Meanwhile, your 50-person startup is drowning in processes that slow everything down. Three competitors won deals while you were writing policies.

The Full-Time CISO Hire: Six-month search, €180K salary plus equity, and they want to build a security empire. Eighteen months later, they leave for a FAANG company. You're back to square one with even more complex systems no one understands.

The DIY Approach: Your CTO reads ISO 27001 standards on weekends. The engineering team rebels against security controls they see as bureaucratic nonsense. Audit fails. Deals continue to die.

The vCISO Advantage: Speed Without Compromise

A fractional vCISO can make a huge difference, but not in the way most people expect.It’s not just about having a security leader available. It’s about working with someone who has closed these kinds of deals more than 50 times and knows exactly what enterprise buyers really care about, not just what they say they care about.

A Quick note

Ready to Stop Losing Deals to Security Questions?

Your competitors aren't waiting. Neither should you. Book a 30-minute call to diagnose your security readiness

Book a Free Discovery Call

What Actually Moves the Needle

After supporting security discussions with Goldman Sachs, Commonwealth Bank, and dozens of Fortune 500 buyers, here's what really accelerates deals:

1. Confidence Through Preparation: Enterprise buyers don’t expect you to be perfect. They want you to know your security posture inside and out. A vCISO ensures your sales team can answer the top 10 security questions without hesitation by preparing them with clear scripts and real evidence.

2. The 6-Month ISO 27001 Sprint: Most people say ISO 27001 takes 18 months, but that’s not true. With someone who’s done it over 50 times, you can get audit-ready in 6 months by focusing on the 34 essential controls that matter, instead of all 114. You get the same certificate, three times faster, at half the cost.

3. Risk-Based Prioritization: Not all security gaps are created equal. A vCISO knows which ones will kill deals and which ones nobody actually checks. We fix the deal-breakers first, park the nice-to-haves for later.

The Compliance Acceleration Framework

Traditional compliance treats every requirement the same, which is why it takes so long and becomes so expensive.

My approach, refined across 50+ implementations:

Month 1-2: Implement only what auditors actually verify 

Month 3-4: Automate evidence collection (saving 80% of manual work) 

Month 5: Mock audit to catch gaps 

Month 6: External audit and certification

The result is that you’re competing for enterprise deals with a compliance certification that took your competitors three times as long to get.

The Hidden ROI Most Miss

Most people add up the obvious costs like consultant fees, audit expenses, and tools. But they often miss the bigger financial picture:

Revenue Acceleration

• Average enterprise deal blocked by security: €1.2M
• Time to close without proper security: 14 weeks
• Time to close with vCISO-built program: 6 weeks
• Revenue pulled forward: €2.4M per quarter

Cost Avoidance

• Big 4 consultant for 18 months: €180K
• Full-time CISO (salary + benefits + equity): €250K/year
• Fractional vCISO getting same results: €76K/year

Here’s something people rarely mention: while your competitors are still working toward compliance, you’re already certified and winning their prospects.

The Uncomfortable Truth About Security Theater

The security industry doesn’t usually admit this, but 80% of what consultants recommend is just security theater meant to justify their fees.

You don't need:

• All 114 ISO 27001 controls implemented
• A 40-page incident response plan nobody will read
• Monthly penetration tests
• Three different SIEM tools

You need:

• The 34 controls auditors actually check
• A one-page incident response checklist people will actually use
• Automated security testing in your CI/CD pipeline
• One properly configured monitoring solution

A good vCISO removes the unnecessary extras and focuses on what truly protects your business and helps you close deals.

When vCISO Makes Sense (And When It Doesn't)

Perfect fit if you're:

• B2B SaaS between €5M-€50M ARR
• Targeting enterprise customers
• Losing deals to security questions
• Under pressure for compliance certification
• Growing 2x+ annually

Wrong fit if you're:

• Consumer-focused business
• Under €2M ARR (unless investor-mandated)
• Already have a mature security program
• Your industry regulations or contracts explicitly require a designated security executive

The First 90 Days

When I begin working with a new client, the change happens right away:

Week 1: Security posture assessment – know exactly where you stand 

Week 2-4: Fix the top 5 deal-breakers 

Month 2:Sales team trained and confident on security responses 

Month 3: Compliance automation running, evidence collection itself 

Day 91: First enterprise deal closed that would have stalled

No building unnecessary empires. No over-complicated systems. 

Just practical security that helps your business grow.

Beyond Compliance

The best vCISOs do more than just check boxes. They become a strategic advantage for your business:

• Board Readiness: Transform security from black box to business metrics
• M&A Preparedness: Security due diligence ready before you need it
• Investor Confidence: Answer security questions in fundraising with authority
• Crisis Leadership: When incidents happen, experience matters more than plans

A Quick note

Stop Watching Deals Die in Security Reviews.

Your competitors are already moving. Time to accelerate. Let's build your enterprise-ready security program.

Book a Free Discovery Call

FAQ

Q: How is a vCISO different from a security consultant?

A: Consultants give you advice and then move on. A vCISO takes responsibility for results. They don’t just write reports about what you should do; they build your security program, train your team, and stand behind it when enterprise buyers have questions. If there’s an incident at 10 PM, you call them, not search for a consultant’s PDF.

Q: Can't we just hire a full-time CISO?

A: You could spend six months searching, pay €180K plus equity, and hope the person stays. Or you could get someone with 13 years of experience to start next week at a third of the cost. Most companies with fewer than 200 employees don’t need a full-time CISO; they need security leadership for 2 or 3 days a week. That’s the best way to get expertise without extra overhead.

Q: How quickly can we get ISO 27001 certified?

A: 6 months if your organization fully commits and has a dedicated project owner. I did it in 84 days when a massive deal was on the line. The companies taking 18-24 months are implementing unnecessary controls and treating it like an academic exercise. We focus on the 34 essential controls auditors actually verify, not all 114.

Q: What if we already have some security measures in place?

A: That’s great. Most companies already have 30 to 40 percent of what they need; they just don’t realize it. We’ll review what you have, identify key gaps, and build on your existing foundation. Often, just organizing and documenting what’s already there is half the work.

Q: How do you work with our existing CTO/technical team?

A: Your CTO should focus on building a product, not learning security frameworks. vCISO handles security strategy and compliance, while your technical team maintains its focus on what it does best. We meet weekly and handle security decisions; they execute technical implementations. It's about multiplication, not replacement.

Q: What about when we grow and need a full-time CISO?

A: That's the goal. Typically, around 200-300 employees or €50M ARR, a full-time CISO makes sense. When you're ready, we will help you hire the right person and ensure a smooth transition.

Q: Can you handle security incidents?

A: Yes, with clear boundaries. During business hours, we respond within 2 hours. For after-hours emergencies (ransomware, active breach), we are available at a 2x rate. More importantly, we'll build your incident response capability so your team can handle 90% of issues without escalation.

Q: What's the typical investment?

A: Between €6,400-€19,200 per month, depending on engagement level (2-6 days/month). Compare that to a full-time CISO at €15K-20 per month plus equity, or Big 4 consultants at €180K for a compliance project. The ROI is typically 10x within the first year, driven solely by accelerated deals.

Q: How do we know if vCISO is right for us?

A: Book a 30-minute call. I’ll ask you five questions about your sales pipeline, security setup, and growth plans. In ten minutes, we’ll both know if it’s a good fit. If not, I’ll tell you exactly what you should do instead. No sales pitch, just honest advice about what makes sense for you.

In this week's brief:

• The Shai-Hulud 2.0 attack compromised over 25,000 npm repositories using sophisticated typosquatting to harvest developer credentials and secrets across multiple package ecosystems
• Chinese state actors are using Claude AI to autonomously execute 80-90% of their attack operations, from reconnaissance to exfiltration, with minimal human intervention
• Cybersecurity salaries are dropping by approximately $20k across roles as companies capitalize on increased competition from laid-off workers to reduce compensation

A quick note before we dive in.

A Quick note

Is Security Blocking Your Next Enterprise Deal?

Let's discuss how fractional CISO services can unlock your pipeline without the full-time overhead.

Book a Free Discovery Call

Industry News

SquareX Claims Comet Browser Vulnerability, Perplexity Disputes Research

• SquareX discovered a potential vulnerability in Perplexity's Comet AI browser that could allow attackers to execute local commands through a Model Context Protocol API and two hidden extensions.

• The attack requires compromising the agentic extension via XSS, MitM attacks, or gaining access to Perplexity systems, and SquareX demonstrated the exploit using an "extension stomping" technique to deploy ransomware.

• Perplexity strongly disputes the findings, calling it "fake security research" and stating the scenario is contrived, though they implemented preventive measures out of caution and claim users must consent to MCP installations.

Shai-Hulud 2.0 Supply Chain Attack Targets Over 25,000 Repositories With Credential Harvesting

• Threat actors have launched a massive supply chain attack called Shai-Hulud 2.0 that compromises over 25,000 npm package repositories to steal developer credentials and secrets.

• The attack involves publishing malicious packages that mimic legitimate libraries, with typosquatting techniques used to trick developers into installing compromised versions that exfiltrate sensitive data.

• The campaign demonstrates sophisticated persistence mechanisms and targets high-value organizations by harvesting authentication tokens, API keys, and other secrets from development environments across multiple package ecosystems.

Microsoft Teams B2B Guest Access Bypass Defeats Defender for Office 365 Protections

• Attackers can create malicious Microsoft 365 tenants without Defender protections and invite victims as guests, completely bypassing Safe Links, ZAP, and malware scanning that exist in the victim's home organization.

• Microsoft's MC1182004 feature "Chat with anyone with an email address" is enabled by default and allows threat actors to trivially deliver guest invitations to any email address, making this attack vector easily exploitable.

• When users accept guest invitations to external tenants, all security policies apply from the hosting tenant rather than their home organization, creating protection-free zones that attackers can exploit for phishing campaigns and malware distribution.

In this week's brief:

• OWASP's 2025 Top 10 introduces Software Supply Chain Failures as a new #3 category, while social engineering attacks jumped 1,450% in the first half of 2025
• ChatGPT vulnerabilities are enabling attackers to steal private data from hundreds of millions of users through 0-click attacks and memory poisoning techniques
• The "two million cybersecurity jobs" narrative gets debunked with real data showing only 514,000 actual openings, explaining why qualified professionals struggle to find work

A quick note before we dive in.

A Quick note

Is Security Blocking Your Next Enterprise Deal?

Let's discuss how fractional CISO services can unlock your pipeline without the full-time overhead.

Book a Free Discovery Call

Industry News

Sturnus Banking Trojan Bypasses WhatsApp, Telegram and Signal Encryption

• Security researchers discovered Sturnus, an Android banking trojan that bypasses end-to-end encryption by capturing content directly from device screens after decryption, allowing attackers to monitor communications on WhatsApp, Telegram, and Signal in real-time.

• The malware provides extensive remote control capabilities including full device takeover, credential harvesting through fake banking app overlays, and the ability to black out screens while executing fraudulent transactions without victim knowledge.

• Currently in development phase with limited deployment, Sturnus targets financial institutions across Southern and Central Europe and uses advanced techniques including AES encryption for C2 communications, VNC protocol for remote sessions, and Android Accessibility Service abuse for comprehensive device monitoring.

Sneaky2FA Phishing Kit Adds Browser-in-the-Browser Attack Capability

• Push Security researchers discovered that the Sneaky2FA phishing-as-a-service kit has integrated Browser-in-the-Browser (BITB) techniques, creating fake Microsoft login pop-ups that mask the actual phishing URL while using reverse-proxy technology to steal credentials and bypass MFA.

• The attack chain begins with Cloudflare Turnstile bot protection, followed by a fake Adobe Acrobat document prompt that loads a convincing Microsoft login form in an embedded browser window that adapts to the victim's operating system and browser type.

• Sneaky2FA employs multiple evasion techniques including conditional loading to block security vendors, heavily obfuscated HTML/JavaScript code, domain rotation with randomized 150-character URLs, and anti-analysis methods that disable browser developer tools.

Azure Neutralizes Record-Breaking 15 Tbps DDoS Attack

• Azure DDoS Protection automatically detected and mitigated a massive 15.72 Tbps attack on October 24, 2025, targeting a single endpoint in Australia while maintaining uninterrupted service availability for customer workloads.

• The attack originated from the Aisuru botnet, a Turbo Mirai-class IoT botnet that exploited compromised home routers and cameras across residential ISPs in the United States and other countries.

• The multi-vector assault involved extremely high-rate UDP floods launched from over 500,000 source IPs with minimal source spoofing and random source ports, making it the largest DDoS attack ever observed in the cloud.

Most founders and CTOs approach building security programs the wrong way. Usually, they are either:

1. Trying to become security experts themselves (impossible while running a company)
2. Hiring Big 4 consultants who optimize for billable hours, not business outcomes
3. Procrastinating until an enterprise deal forces their hand (then panicking)

What most people don’t say is that you don’t have to become a security expert to build a security program. You should focus on your product and business, while someone with experience builds the security foundation that helps you win enterprise deals.

In this guide, I will show you how to build a security program aligned with ISO 27001 and SOC 2 in 90 days. You can do it yourself if you have the time and skills, or work with a fractional CISO if you want to stay focused on growing your business.

A Quick note

Want to build an enterprise-grade security program?

Let me show you how working with a fractional CISO can unlock your business through pragmatic security leadership.

Book a Free Discovery Call

The Real Problem: Founders and CTOs Drowning in Security

Here is what happens all the time:

Month 1: The enterprise prospect sends a 200-question security questionnaire. CTO spends 3 days answering it (poorly). Deal stalls.

Month 2: Board asks about security posture for Series B. Founder spends 2 weeks researching ISO 27001 requirements. Feels overwhelmed. Nothing gets implemented.

Month 3: Another enterprise deal blocked. CTO realizes they need "someone" to handle security. Starts 6-month search for full-time CISO. Meanwhile, deals keep dying.

Month 6: Still no CISO hire. €5-10M in enterprise pipeline blocked. Competitors with working security programs win the deals.

Sound familiar?

The hard truth is that building a security program takes a full-time effort for 90 days. As a founder or CTO, you likely don’t have that kind of time. You need to build your product, lead your team, and grow your business.

What "Security Program" Actually Means

Let’s be clear about what we’re building. A security program is not:

• ❌ A pile of security tools
• ❌ A checkbox compliance exercise
• ❌ Perfect, enterprise-grade security architecture
• ❌ A guarantee you'll never be breached

A security program IS:

• ✅ Documented policies and procedures that show you take security seriously
• ✅ Essential technical controls that actually reduce risk
• ✅ Evidence collection systems that prove you do what you claim
• ✅ Incident response capability when (not if) something goes wrong
• ✅ Clear answers to enterprise security questionnaires

This approach is what helps you win enterprise deals. It’s not about being perfect, but about showing real progress and maturity.

The 90-Day Security Program Framework

Whether you do this yourself or work with a fractional CISO, here’s the plan:

Month 1: Foundation (Weeks 1-4)

Week 1: Rapid Assessment

• Catalog what security measures already exist
• Identify gaps that block enterprise deals
• Prioritize based on actual customer questionnaires you've received
• Define "done" criteria aligned to ISO 27001 and SOC 2

Time investment if DIY: 40-60 hours (mostly your time)
Time investment with Fractional CISO: 4-6 hours (your strategic input only)

Weeks 2-4: Essential Controls ImplementationThe 34 controls that enterprise buyers actually care about:

• Information security policy
• Asset inventory
• Access control & authentication
• Change management process
• Backup procedures (tested, not theoretical)
• Incident response plan
• Risk assessment framework
• Vendor/third-party risk management
• Security awareness training
• Audit logging & monitoring

You don’t need all 114 controls or a perfect setup. Focus on the essential controls that answer most enterprise security questions.

Time investment if DIY: 120-160 hours (CTO + engineering team)
Time investment with Fractional CISO: 15-20 hours (review and decisions only)

A Quick note

Want to build an enterprise-grade security program?

Let me show you how working with a fractional CISO can unlock your business through pragmatic security leadership.

Book a Free Discovery Call

Month 2: Documentation and Automation (Weeks 5-8)

Weeks 5-6: Policy Documentation SprintWrite essential policies. Critical ones:

• Information security policy
• Access control policy
• Acceptable use policy
• Incident response policy
• Business continuity policy
• Data protection policy
• Vendor management policy
• Change management policy

This is where doing it yourself gets tough. Writing policies from scratch is why these projects can take up to 18 months. You need templates you can adjust and someone who understands what auditors really want, instead of over-complicating things.

Time investment if DIY: 80-100 hours (plus time learning what "good" looks like)
Time investment with Fractional CISO: 8-12 hours (review and approval only)

Weeks 7-8: Evidence Automation SetupImplement compliance automation tools (Vanta, Drata, Tugboat - €24-48K/year) and connect them to:

• Cloud infrastructure (AWS, Azure, GCP)
• Identity provider (Okta, Google Workspace)
• Development tools (GitHub, GitLab)
• Communication tools (Slack)
• HR systems

Automation can remove 80% of manual compliance work. Without it, you might spend over 160 hours each quarter collecting evidence by hand.

Time investment if DIY: 40-60 hours (figuring out integrations)
Time investment with Fractional CISO: 4-6 hours (decisions on tool selection)

Month 3: Validation and Preparation (Weeks 9-12)

Weeks 9-10: Internal Gap AssessmentReview your program against ISO 27001 and SOC 2 requirements:

• Policy completeness
• Evidence availability
• Control effectiveness
• Documentation accuracy
• Team's understanding of procedures

Weeks 11-12: Refinement

• Fix identified gaps
• Prepare evidence documentation
• Train team on security procedures
• Create response templates for common security questions

Time investment if DIY: 60-80 hours
Time investment with Fractional CISO: 10-15 hours (strategic reviews)

By week 12, you’ll have a working security program that matches ISO 27001 and SOC 2 standards. It may not be fully audit-ready yet, but it will be ready for security conversations with enterprise customers and for addressing their questions.

The Brutal Time Math: DIY vs Fractional CISO

Let's be honest about what building this yourself actually costs:DIY Security Program (90 days):

• Your time: 200-280 hours over 90 days (that's 20-30 hours per week)
• Security engineer time: 120-160 hours (if you even have one)
• Research and learning curve: 40-60 hours
• Tool evaluation and setup: 40-60 hours
• Total: 400-560 hours of senior technical time

That’s 10 to 14 weeks you could spend building your product, managing your team, and closing deals.With Fractional CISO (90 days):

• Your time: 50-70 hours over 90 days (5-7 hours per week for strategic decisions only)
• Fractional CISO handles: 150-180 hours of security program building
• Engineering team: 40-60 hours (implementation only, no research)
• Your total: 90-130 hours

You save 310 to 430 hours. That’s 8 to 11 weeks you can use for product work, hiring, fundraising, or closing enterprise deals.

What Enterprise Buyers Actually Care About

After supporting security discussions with JP Morgan, Commonwealth Bank, Google, Uber and dozens of enterprise buyers, here's what matters:They care about:

• Can you articulate your security approach clearly?
• Do you have documented processes we can review?
• Can you show evidence (not just claims)?
• Do you have a proper incident response?
• Will you pass our security review without months of back-and-forth?

They don't care about:

• Whether you implemented every possible control
• Your specific tool choices (within reason)
• Perfect security (impossible anyway)
• How long did it take you to build the program

A single vague answer can hurt trust. If you give three, you risk losing the deal.

The founder who can confidently say, "Yes, we have AES-256 encryption at rest, TLS 1.3 in transit. Here's our architecture overview," wins the deal over the founder who says, "Yes, we encrypt everything with industry best practices."

Being specific builds credibility, which helps you close deals.

The Real Investment: What This Actually Costs

Let's look at real numbers:

DIY Security Program:

• Your time: 280 hours × your hourly value (€200-500/hour?) = €56K-140K opportunity cost
• Security engineer time: 180 hours × €150/hour = €27K
• Compliance automation: €30-50K/year
• Essential security tools: €50-100K/year
• Total first year: €163K-317K

Fractional CISO Approach:

• Fractional CISO: ~€12,800/month × 3 months = €38,400 (pricing depends on daily rate of a CISO)
• Your time saved: 200+ hours for product/business
• Compliance automation: €30-50K/year
• Essential security tools: €50-100K/year
• Total first year: €118K-188K

You save €45K to €129K and keep over 200 hours of founder or CTO time focused on growing your business.

Big 4 Consultant (for comparison):

• Consulting fees: €120-200K
• Timeline: 18 months (12 months slower)
• Your time: 50-80 hours in endless meetings
• Opportunity cost: 12 months of blocked enterprise deals = €3-20M pipeline at risk
• Total first year: €200-350K

The numbers speak for themselves. Unless you have 280 extra hours in the next 90 days, a fractional CISO is the quickest way to win enterprise deals.

Common Mistakes That Kill DIY Programs

I've watched dozens of smart CTOs try to build security programs themselves. Here's where they fail:

Mistake #1: Trying to learn security while building it

You're reading NIST frameworks, ISO 27001 standards, SOC 2 criteria, vendor documentation, and 50 blog posts with conflicting advice. This research alone takes 60-80 hours.A fractional CISO who's done this 50+ times knows exactly what works. No research phase. Just execution.

Mistake #2: Over-engineering because you don't know what "good enough" looks like

Technical people (myself included) want to build the "right" solution. So you spend 40 hours designing the perfect access control architecture when a simple implementation would pass every enterprise review.Trying to make everything perfect can stop you from finishing. Experience helps you know what to focus on and what to simplify.

Mistake #3: Writing policies from scratch

Policies are painful to write. They're also mostly template-able. But if you've never written an incident response policy before, you're staring at a blank page for 8-10 hours per policy.Someone who's written 500+ security policies can customize a template in 30 minutes.

Mistake #4: Not knowing what evidence auditors actually need

You collect everything "just in case." Your evidence repository has 10,000 files. When audit time comes, you can't find what you need.With the right guidance, you collect only what’s needed—no more, no less.

Mistake #5: Treating it as a side project instead of a sprint

"I'll work on the security program a few hours per week" never works. You lose context, make inconsistent decisions, and the project stretches to 9-12 months.Building a security program requires sustained focus for 90 days. Either dedicate your time (280 hours) or delegate to someone who will.

A Quick note

Want to build an enterprise-grade security program?

Let me show you how working with a fractional CISO can unlock your business through pragmatic security leadership.

Book a Free Discovery Call

Why Fractional CISO Makes Sense (Not Full-Time)

At 30-500 employees, you don't need a full-time CISO. Here's why:

Full-Time CISO:

• Salary: €150-200K + equity
• Search timeline: 4-6 months (during which deals are blocked)
• Risk: They want to build an empire (3-5 person security team)
• Overhead: Enterprise processes for startup = slowed velocity
• Retention risk: Leave for FAANG after 18 months

Fractional CISO:

• Cost: €12,800-19,200/month (2-3 days per week)
• Start: 2 weeks (no search process)
• Right-sized: Security appropriate for your stage
• Flexibility: Scale up/down as needed
• Experience: 13+ years immediately available

After 90 days, most companies keep a fractional CISO engaged 1-2 days/month (€6,400-12,800/month) for:

• Monthly security reviews
• Quarterly policy updates
• Answering complex security questions from enterprise prospects
• Strategic guidance as business evolves

The total yearly cost for a fractional CISO (at 4 days/month) is €48K to €76.8K, compared to €180K to €250K for a full-time hire. You also get more flexibility and immediate expertise.

The Mindset Shift Required

Building a security program in 90 days requires abandoning perfectionism:

Old mindset:

• "We need enterprise-grade security"
• "I should learn security properly before building this"
• "We should implement every control to be safe"
• "Let me research best practices for 6 weeks first"

New mindset:

• "We need demonstrable security that wins deals"
• "I should delegate security to an expert so I can focus on the product"
• "We implement controls that answer enterprise questions"
• "Good enough wins deals, perfect never ships"

After building programs for industry-leading companies, I’ve seen that the difference between success and failure isn’t technical skill. It’s the willingness to focus on business results instead of technical perfection.

When This Approach Makes Sense

Do this if:

• You're 30-500 employees
• Enterprise deals blocked by security questions (€5-20M pipeline at risk)
• Raising Series B+ (investors expect compliance)
• Expanding to regulated industries
• Your product handles sensitive customer data
• You want to focus on the product, not become a security expert

Don't do this if:

• You're under 30 employees (too early, focus on product-market fit)
• No enterprise deals in the pipeline (no urgency = project fails)
• You genuinely enjoy security and have 280+ hours spare
• Consumer product with no enterprise buyers
• You prefer 18-month "perfect" programs over 90-day "good enough"

What Happens After 90 Days

You have a working security program. Now what?

Immediate capabilities:

• Respond to enterprise security questionnaires confidently (3-5 days, not 3-4 weeks)
• Pass enterprise security reviews without months of delays
• Demonstrate to investors that you take security seriously
• Baseline for ISO 27001 or SOC 2 certification (if you choose to pursue)

Ongoing maintenance (with automation):

• Monthly security reviews: 4-8 hours
• Quarterly policy updates: 8-12 hours
• Annual program review: 40-60 hours
• Total: 80-100 hours/year

In comparison, manual compliance can take over 640 hours a year. That’s the difference between a CTO who can focus on the product and one who is stuck in compliance work.

Most companies engage a fractional CISO for 1-2 days/month (€1,000-1,600 per day, or €4,000-6,400 for 4 days/month, depending on your needs) for ongoing program management, complex security questions, and strategic guidance. Much cheaper than a full-time CISO, much more effective than struggling alone.

The Alternative: What Happens If You Don't Build This

Let's be direct about consequences:

Without a security program:

• Enterprise deals stall 4-8 weeks during security review
• Prospects ask "Do you have ISO 27001?" → you say "working towards it" → deal dies
• Security questionnaires take 3-4 weeks to answer poorly
• Competitors with programs win your deals
• Series B investors flag security as risk
• You spend 200+ hours per year on reactive security questions

With a security program:

• Enterprise security reviews: 3-5 days
• Security questions answered confidently from documentation
• Competitive advantage versus unprepared competitors
• Investor confidence in due diligence
• You focus on product and growth

I've watched companies lose €5-20M deals because they couldn't demonstrate basic security maturity. Competitor with a working security program won. Same product. Same price. Different security posture.

The Real Question: Do You Have 280 Hours?

That's what this comes down to.

Building a security program yourself takes 280+ hours over 90 days. That's reality.

You're a founder or CTO. Do you have 280 spare hours while running your company?If yes: Use this framework. Build it yourself. It works.If no (and you shouldn't): Delegate to someone who's done this 50+ times. Keep your 200+ hours for product, team, and deals.

The companies winning enterprise deals aren't the ones with perfect security. They're the ones who stopped treating security as a side project and made it a focused 90-day sprint.

Either dedicate your time or delegate to experience. Just don't let security keep blocking your enterprise pipeline.

Frequently Asked Questions

Q: Can we really build a working security program in 90 days?

A: Yes - a foundational program aligned to ISO 27001 and SOC 2 frameworks that answers enterprise security questions. This is NOT the same as being audit-certified (that takes additional time). But it's absolutely sufficient to pass enterprise security reviews and win deals.

Q: What's the minimum team size where this makes sense?

A: 30+ employees with enterprise deals in your pipeline. For companies with fewer than 30 employees, focus on product-market fit. A security program can wait unless you're in a highly regulated industry or handling extremely sensitive data.

Q: Should we hire a full-time CISO or use a fractional one?

A: At 30-500 employees, fractional makes more sense. Typical day rate is €1,000-1,600, so for 4 days/month that's €4,000-6,400/month versus €150-200K/year + equity for full-time. You get 13+ years experience immediately vs 4-6 month search. No empire building, no retention risk. Most companies keep a fractional CISO after initial build for 1-2 days/month ongoing support.

Q: Can a CTO build this without security expertise?

A: Technically yes, but it costs 280+ hours of your time over 90 days. That's 10-14 weeks pulled away from product and business. Most CTOs don't have this time. Those who try end up either: (a) taking 9-12 months instead of 90 days, or (b) building something that doesn't actually answer enterprise questions because they're learning security while building it.

Q: What if we can't dedicate resources for the full 90 days?

A: Then wait until you can. Partial effort guarantees failure. Security program requires sustained focus for 90 days. A half-built security program is worse than no security program - it creates false confidence. Either commit fully or don't start at all.

Q: How do we know which controls to implement?

A: The 34 essential controls I outlined apply to almost every B2B technology company. These satisfy 90% of enterprise security questionnaires. The art is knowing which controls matter versus which are security theatre. This is where experience matters - someone who's reviewed 150+ enterprise security programs knows what buyers actually care about.

Q: Won't this just be "checkbox compliance" without real security?

A: Only if you treat it that way. The 34 essential controls ARE real security - they actually reduce risk. The difference is focusing on the controls that matter rather than implementing all 114 ISO controls (many of which don't apply to your business). Real security doesn't require perfection. It requires doing the important things well.

Q: What about ISO 27001 or SOC 2 certification?

A: This 90-day program creates the foundation for certification, but certification itself requires additional time: formal audit preparation (4-6 weeks) + external audit (4-8 weeks) = 120-180 days total timeline from start to certificate. Still dramatically faster than 18-month Big 4 timelines. But the business value comes immediately - you can answer enterprise security questions and win deals even before formal certification.

Q: Can we maintain this ourselves after 90 days?

A: Depends on your team's security expertise. Ongoing maintenance with automation is 80-100 hours/year. A technically strong CTO or senior engineer can handle this. However, most companies keep a fractional CISO engaged 1-2 days/month (€1,000-1,600 per day, or €4,000-6,400 for 4 days/month) for strategic guidance, complex security questions from prospects, and program evolution as business grows.

Q: What if an enterprise prospect needs answers next week?

A: Then you're in reactive mode. Best approach: book a 30-minute strategy call, I'll assess your situation, and we'll identify the fastest path to answering their specific questions while laying the foundation for a complete program. I've helped companies unstick deals in 2-3 weeks with focused responses, then built a full program over the following 90 days.

Q: What's your actual track record with this approach?

A: 100% first-time audit pass rate for companies I've supported through certification. Timeline from start to working program: 90-120 days average. Companies using this approach have won enterprise deals with Goldman Sachs, Commonwealth Bank, and other tier-1 buyers. Check my LinkedIn for recommendations from CTOs and founders who've worked with me.

Q: Why should we trust your approach versus Big 4 consultants?

A: Big 4 consultants optimize for billable hours. I optimize for business outcomes (winning enterprise deals). I've done this 50+ times across Forbes Cloud 100, banking, FinTech, and FMCG. My incentive is referrals from successful clients, not extending engagements. I want you winning deals in 90 days, not paying consulting fees for 18 months.

Q: What if we need this faster than 90 days?

A: 90 days is aggressive but realistic. 60 days is possible, but requires total commitment and some corners get cut. Under 60 days, you're creating risk, not managing it. If you have an urgent enterprise deal, a better approach is to stabilize the immediate situation with targeted responses (2-3 weeks), then build a proper program (90 days). Don't sacrifice quality for impossible timelines.

Ready to stop losing enterprise deals to security reviews?

Book a 30-minute strategy call. I'll assess your current state, show you exactly what you need to win your enterprise deals, and map the fastest path to get there.

You'll walk away knowing:

• Which security gaps are actually blocking your deals (vs nice-to-have)
• Realistic timeline for your situation
• Whether DIY or fractional CISO makes sense for you
• Exact next steps

No pitch. No pressure. Just actionable guidance from someone who's done this 50+ times.

Book your free 30-minute strategy call

In this week's brief:

• Chinese state actors just pulled off the first largely autonomous AI-driven cyber espionage campaign, letting Claude Code handle 80-90% of their attack operations from start to finish
• 77% of organizations dealt with insider-driven data loss in the past 18 months, yet most still can't see how their own users are handling sensitive data
• Amazon's honeypot service caught an APT exploiting Cisco and Citrix zero-days before they were publicly known, using sophisticated custom web shells with advanced evasion techniques

A quick note before we dive in.

Is Security Blocking Your Next Enterprise Deal?

Let's discuss how fractional CISO services can unlock your pipeline without the full-time overhead.

Book a Free Discovery Call

Industry News

Amazon Discovers APT Exploiting Cisco and Citrix Zero-Days

• Amazon's MadPot honeypot service detected an APT exploiting CVE-2025-5777 (Citrix Bleed Two) and CVE-2025-20337 (Cisco ISE) as zero-days before public disclosure, indicating sophisticated vulnerability research capabilities.

• The threat actor deployed a custom web shell disguised as "IdentityAuditAction" that operated in-memory with advanced evasion techniques including Java reflection, DES encryption, and non-standard Base64 encoding to avoid detection.

• The campaign targeted critical identity management and network access control infrastructure, demonstrating pre-authentication remote code execution capabilities that provided administrator-level access to compromised Cisco ISE deployments.

DPRK Actors Use JSON Storage Services in Contagious Interview Campaign

• North Korean threat actors behind the Contagious Interview campaign have evolved their tactics to use legitimate JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host and deliver malware disguised as interview demo projects targeting software developers.

• The campaign uses social engineering through fake recruiter profiles on LinkedIn to distribute trojanized Node.js projects containing base64-encoded URLs that fetch obfuscated JavaScript code leading to BeaverTail and InvisibleFerret malware deployment.

• The malware chain includes a new component called Tsunami that establishes persistence, downloads Python if needed, and retrieves additional payloads from Pastebin with over 400 views indicating significant campaign success across multiple platforms including Windows, Linux, and macOS.

Operation Endgame Takes Down 1025 Malware Servers in International Cybercrime Crackdown

• Law enforcement from 11 countries coordinated by Europol dismantled three major cybercrime enablers including the Rhadamanthys infostealer, VenomRAT remote access trojan, and Elysium botnet between November 10-13, 2024.

• The operation resulted in one arrest in Greece, 11 location searches across three countries, and the seizure of 20 domains along with over 1,025 servers that had infected hundreds of thousands of victims worldwide.

• The dismantled infrastructure contained several million stolen credentials and over 100,000 crypto wallets potentially worth millions of euros, with victims now able to check their exposure through dedicated websites established by authorities.

After 13 years of building security programs for Forbes Cloud 100 companies, banks, and B2B scale-ups, I've reviewed 150+ security programs. The pattern is clear: most growing companies need strategic security leadership, but hiring a full-time CISO too early can kill momentum and drain resources.

Here is what works best.

The Full-Time CISO Problem Nobody Talks About

For B2B companies with €5-50M in revenue, hiring a full-time CISO is often not the best choice.

This is because hiring a full-time CISO costs €150-250K per year, plus equity, benefits, and a lengthy hiring process, for someone who may spend much of their time on tasks that are not yet needed. Most companies at this stage do not have a mature enough security program to require full-time strategic leadership.

I've seen CTOs burn out trying to handle security between product sprints. 

I've watched founders lose €20M deals because they couldn't answer basic security questionnaires. 

And I've seen companies hire expensive CISOs who leave within 18 months because there wasn't enough scope for them to make a meaningful impact.

The primary issue is that European B2B companies must meet enterprise-level security requirements, but often lack the same resources as large enterprises.

What is a Fractional CISO?

A fractional CISO (Chief Information Security Officer) is a senior security executive who works with multiple companies on a part-time, strategic basis. Think of it as having a battle-tested security leader available for 1-3 days per week, rather than five.

However, not all fractional CISOs offer the same level of expertise or service.

Many security consultants have never built a complete security program. They may audit your current state, produce a lengthy report that is never implemented, and then move on. This approach is costly and does not provide real value.

A true fractional CISO goes beyond giving advice. They help build your security program, guide you through ISO 27001 and SOC 2 audits, improve your responses to vendor questionnaires, present to your board, and make security decisions that support business growth.

A Quick note

Is Security Blocking Your Next Enterprise Deal?

Let's discuss how fractional CISO services can unlock your pipeline without the full-time overhead.

Book a Free Discovery Call

Why European B2B Companies Need Different Security Leadership

European B2B companies encounter challenges that are not covered by typical American approaches:

Regulatory complexity, including the GDPR, NIS2, sector-specific requirements, and multiple jurisdictions, creates compliance burdens that American companies don't face. Your customers in Germany have different security expectations than those in the Netherlands or the UK.

European enterprises typically demand ISO 27001 or equivalent certifications before initiating procurement conversations. In the US, many deals close without certifications. In Europe, no certification often means no conversation.

European B2B companies typically have smaller teams and tighter budgets compared to their US counterparts at the same revenue stage. You can't throw money at the problem; you need smart, efficient security programs.

Operating across EU member states means navigating different data residency requirements, local regulations, and varying security maturity expectations from customers.

I've navigated M&A transactions worth over €150M, supported deals with the world’s largest and most highly regulated organizations, and built security programs that helped scale from €10M to over €100M in revenue. The companies that succeed don't copy Silicon Valley playbooks; they build pragmatic security programs that fit European market realities.

The Real ROI: What Fractional CISO Services Actually Deliver

The most important factor is the impact on revenue.

Deals that close: Enterprise procurement committees require evidence of security maturity. When you can demonstrate a functioning security program, answer questionnaires confidently, and provide ISO 27001 or SOC 2 certification, deals that would have stalled for 6-12 months close in weeks.

I've watched sales teams lose €5-20M opportunities because "security maturity is insufficient." Then, I watched those same companies close identical deals 90 days after implementing proper security governance.

The difference? They could finally answer the questions enterprise buyers actually ask.

Investor confidence: Series B investors now mandate security diligence. A fractional CISO provides the strategic oversight that satisfies investors without the full-time cost. In my experience, companies with clear security leadership receive better valuations and smoother due diligence processes.

Cost optimization: A fractional CISO working 2 days per week costs anywhere between €10,000 and €14,000/month. A full-time CISO costs €17-20K+/month in salary alone, plus 3-6 months to hire, plus equity, plus benefits. You save 40-70% while getting 13+ years of proven experience starting immediately.

But here's the real ROI nobody calculates: the opportunity cost of getting security wrong. Every week without a demonstrable security capability costs you €200-500K in stalled pipeline. Competitors with mature security stories are winning the deals you pioneered.

How Fractional CISO Services Work (The Honest Version)

Most consultants will promise you the world in a glossy PDF and call themselves advisors without touching anything. However, most consultants are wrong because that’s not a service but rather an AI-generated output.

I'm going to explain exactly how pragmatic and customer-driven fractional CISOs work and what you can expect. Here is how we approach it at Mandos:

Phase 1 (Weeks 0-4): Rapid Assessment. We assess your current security posture, identify immediate risks, and prioritize based on business impact. You get a clear roadmap of what needs fixing and why. No 200-page reports; just actionable priorities tied to your revenue goals.

Phase 2 (Months 2-6): Enterprise-Ready Security. We build your security program alongside your technical teams. This means implementing controls, documenting policies, establishing governance processes, and preparing for compliance certifications. The goal is to pass enterprise security reviews and close deals.

Phase 3 (Months 4-8): Certification. Navigate ISO 27001 or SOC 2 audits with minimal disruption to your team. We manage auditor relationships, evidence collection, and remediation. Our track record: 100% first-time pass rate on audits.

Phase 4 (Month 7+): Ongoing Governance. Once certified, you require continuous leadership, including board reporting, program maturity, regulatory adaptation, and strategic decision-making. This is where fractional CISO services deliver long-term value: ongoing executive oversight without full-time cost.

What this isn't:

• Not a security audit that produces reports nobody implements
• Not a compliance checkbox exercise that doesn't improve actual security
• Not vendor-agnostic consulting that recommends €500K tool stacks
• Not someone who disappears after the PowerPoint presentation

What this is: Real security leadership that makes decisions, implements solutions, and drives business outcomes.

The Three Critical Use Cases for Fractional CISO Services

After working with dozens of B2B companies, three scenarios consistently drive the need for fractional CISO services:

1. Deal-Driven Security Requirements

Your sales team is in late-stage negotiations with an enterprise customer. Procurement sends a 300-question security assessment. Your CTO doesn't have time to answer it, and your team doesn't know how to proceed.

This is the most common trigger. Enterprise customers now require evidence of security maturity before signing contracts. If you can't demonstrate a functioning security program, the deal dies, regardless of how good your product is.

A fractional CISO responds to RFPs, manages enterprise security conversations, and provides the documentation that procurement committees demand. The goal is to remove security as a blocker to revenue.

2. Compliance Certifications (ISO 27001, SOC 2, NIS2)

Investors mandate compliance frameworks. Enterprise contracts require certifications. Regulations impose penalties for non-compliance.

But Big 4 consultants quote €150K+ and 18-month timelines. Your 25-person team is already at capacity. Pulling engineers away from product development to build compliance programs can kill momentum.

A fractional CISO implements lean, business-focused compliance programs that satisfy auditors without enterprise overhead. I achieved ISO 27001 and SOC 2 certifications within 6-8 months, with 100% first-time pass rates, because the goal is certification that enables business, not security theater.

3. M&A Security Integration

You're acquiring a company or being acquired. Security due diligence reveals gaps. Integration requires consolidating security programs, tools, and teams to achieve a comprehensive security approach.

I've conducted security assessments for dozens of mergers and acquisitions (M&A) transactions. The companies that succeed treat security as a business enabler during M&A, not an afterthought. A fractional CISO manages due diligence, identifies risks, and leads post-merger integration without derailing the deal timeline.

What to Look for in a Fractional CISO (Red Flags and Green Flags)

The security consulting market is rife with individuals selling snake oil. Here's how to tell the difference between real expertise and expensive PowerPoints:

Red flags:

• Promises ISO 27001 certification in 6 weeks (impossible)
• Leads with tool recommendations before understanding your business
• Uses fear-based selling ("You'll get breached tomorrow!")
• Can't explain complex security concepts in simple business terms
• Has never built a complete security program from scratch
• Focuses on compliance theater instead of business outcomes

Green flags:

• Battle-tested experience building security programs at scale
• Clear track record of audit success (not just consulting work)
• Can explain security ROI in business terms, not technical jargon
• Understands European regulatory requirements (GDPR, NIS2, sector-specific)
• Has navigated M&A security due diligence
• Focuses on pragmatic solutions that fit your growth stage

Here's my bias: I've built security programs for Forbes Cloud 100 FinTech companies, navigated over €150M in M&A transactions, and achieved 100% first-time pass rates on ISO 27001 and SOC 2 audits. I understand what enterprise buyers demand because I've helped companies close deals with the world’s largest and most highly regulated organizations.

However, these credentials don't matter if the approach doesn't align with your company's needs. The right fractional CISO understands your business context, aligns security with revenue goals, and builds programs that scale with your growth, not against it.

A Quick note

Is security blocking your next enterprise deal?

Let's discuss how fractional CISO services can unlock your pipeline without the full-time overhead.

Book a Free Discovery Call

The Investment: What Fractional CISO Services Actually Cost

Let me give you the numbers consultants usually hide until the third meeting.

Full-time CISO cost:

• Salary: €150-250K annually (€12.5-20.8K/month)
• Benefits, equity, taxes: +30-40%
• Recruitment fees: €30-50K
• Time to hire and onboard: 4-6 months
• Risk of wrong hire: High (18-month average tenure if mismatched)

Total first-year cost: €200-350K+, with 6 months before productivity

Fractional CISO costs, on the other hand, range from €10,000 to €14,000/month depending on the engagement scope, region, and time commitment. Most engagements are structured as monthly retainers rather than hourly billing, providing predictable costs and strategic continuity. (At least that’s how we prefer to deliver maximum value to customers here at Mandos.)

In exchange, you get immediate productivity, 40-70% cost savings, and a proven track record. The investment pays for itself when you close the first enterprise deal that was previously blocked by security concerns.

When Should You Actually Hire a Full-Time CISO?

Here's the honest answer: when you have the scope and resources to justify one.

Consider a full-time CISO when:

• Revenue exceeds €100M with a mature security program already established.
• You have a security team of three or more people who require daily leadership.
• You're operating in multiple regions with complex compliance obligations.
• Board members and investors specifically mandate full-time security leadership.

Stick with a fractional CISO when:

• Revenue is €10-100M M and the security program is still being built.
• The CTO is handling security reactively, balancing it with product priorities.
• You need enterprise security capability but not full-time overhead.
• Compliance certifications are driving the immediate need.
• You're navigating mergers and acquisitions (M&A) or a major transformation.
• You want flexibility.

The mistake most companies make? Hiring a full-time CISO too early, burning cash on someone who doesn't have enough scope, then watching them leave within 18 months. Or waiting too long, losing deals to competitors with better security maturity.

Fractional CISO services bridge that gap, providing strategic leadership when you need it most, at a cost structure that fits your growth stage.

FAQ: Fractional CISO Services for European B2B Companies

What is a fractional CISO, and how is it different from a security consultant?

A fractional CISO is a senior security executive who works with your company on a regular, part-time basis (typically 1-3 days per week). Unlike consultants who audit and advise, a fractional CISO executes, building security programs, making strategic decisions, managing audits, and providing ongoing leadership and guidance. Think of it as having an experienced CISO on your executive team without the full-time cost.

What is the cost of a fractional CISO in Europe?

Fractional CISO services typically range from €10,000 to €14,000/month, depending on the engagement level (1-3 days per week). This represents 40-70% savings compared to hiring a full-time CISO (€150-250K annually plus benefits, equity, and recruitment costs). The investment pays for itself when you close enterprise deals that were previously blocked by security requirements.

How long does it take to get ISO 27001 or SOC 2 certified with a fractional CISO?

With a pragmatic, business-focused approach, ISO 27001 or SOC 2 certification typically takes 6-8 months from start to successful audit completion. This timeline assumes reasonable starting maturity and dedicated internal resources to implement controls. Companies with strong technical teams can achieve certification faster; those with limited capacity may take longer. Beware of consultants promising 6-week certifications, they're selling fantasy.

Can a fractional CISO work remotely, or must they be on-site?

Most fractional CISO work is conducted remotely with periodic on-site visits for key activities (audit preparation, board presentations, major incidents). For European B2B companies, this model works well: you get experienced leadership without geographic limitations. Critical situations (major security incidents, audit weeks) may require on-site presence, but day-to-day strategic work happens effectively remotely.

What's the difference between a fractional CISO and a vCISO?

These terms are often used interchangeably, but there's a subtle distinction: "fractional CISO" typically implies a senior executive working with a limited number of clients (3-5 companies), providing deep engagement and strategic leadership. "vCISO" (virtual CISO) sometimes refers to lower-touch, more distributed consulting models. The key question: Is this person making executive-level security decisions for your company, or just providing advice?

How do I know if my B2B company needs a fractional CISO?

You need fractional CISO services if: (1) Enterprise customers are asking security questions you can't answer confidently, (2) You're pursuing ISO 27001 or SOC 2 certification, (3) Investors are demanding security maturity, (4) Your CTO is drowning in security work, or (5) You're navigating M&A that requires security due diligence. If security has become a blocker to revenue, it's time for strategic leadership.

What industries benefit most from fractional CISO services?

B2B SaaS, FinTech, data platforms, enterprise software, enterprise AI, and any technology company selling to enterprise customers benefit most from fractional CISO services. These companies face stringent security requirements from buyers, yet they operate with lean teams and tight budgets. Industries with strong regulatory requirements (financial services, healthcare, critical infrastructure) also benefit, though may eventually need full-time security leadership as they scale.

How many companies does a fractional CISO typically work with?

An effective fractional CISO typically works with 3-5 companies simultaneously, dedicating 1-3 days per week to each client. This balance ensures deep engagement and strategic impact while maintaining cost efficiency. Beware of "fractional CISOs" working with 10+ companies; they're spreading themselves too thin to provide meaningful leadership.

Can a fractional CISO help with NIS2 compliance for European companies?

Yes. NIS2 (Network and Information Security Directive 2) applies to many European B2B companies, particularly those in critical sectors or providing digital services. A fractional CISO can assess your NIS2 obligations, implement required security measures, establish governance processes, and ensure ongoing compliance. This is increasingly important as EU member states enforce NIS2 requirements with serious penalties for non-compliance.

What happens during a typical fractional CISO engagement?

A typical engagement follows four phases: (1) Rapid assessment of your current security posture and business priorities (weeks 0-4), (2) Building enterprise-ready security program and preparing for certifications (months 2-6), (3) Navigating audits and achieving ISO 27001/SOC 2 certification (months 4-8), and (4) Ongoing governance, board reporting, and continuous program maturity (month 7+). The timeline adjusts based on your immediate needs and existing maturity.

How do I measure ROI on fractional CISO services?

ROI shows up in three ways: (1) Revenue impact - enterprise deals that close faster because you can demonstrate security maturity, (2) Cost avoidance - not hiring a full-time CISO saves €100-200K+ annually while getting proven expertise immediately, and (3) Risk reduction - avoiding compliance penalties, data breaches, and reputational damage. Most companies see positive ROI within the first 90 days when security stops blocking enterprise sales.

What's the typical contract length for fractional CISO services?

Initial engagements typically run 6-12 months to build and certify a complete security program. After achieving initial goals (certification, enterprise readiness, compliance), many companies continue with ongoing governance at reduced time commitment (1 day/week). The goal is to build a security capability that eventually becomes self-sustaining, rather than creating a permanent dependency.

The Bottom Line on Fractional CISO Services

European B2B companies face a fundamental challenge: enterprise customers demand security maturity, but they lack the necessary enterprise resources.

Fractional CISO services solve this problem - providing battle-tested security leadership when you need it most, at a cost structure that fits your growth stage.

After 13 years of building security programs and reviewing over 150 B2B companies, I've learned what actually works: pragmatic security programs that unlock revenue, simplified compliance that satisfies auditors, and strategic leadership that scales with business growth.

The companies winning enterprise deals in 2025 aren't outspending competitors; they're out-executing them with smart security strategies.

If security is blocking your next enterprise deal, delaying your fundraising, or consuming your technical team's bandwidth, it's time to talk.

Book a complimentary 30-minute discovery call to explore whether fractional CISO services are a suitable fit for your organization. No sales pitch, just an honest conversation about your security challenges and whether I can help solve them.

Nikoloz Kokhreidze
Fractional CISO | Founder at Mandos
13+ years turning security roadblocks into competitive advantages

Want to explore all Mandos services, security resources? Visit mandos.io/solutions

In this week's brief:

• OWASP's 2025 Top 10 introduces Software Supply Chain Failures as a new #3 category, while social engineering attacks jumped 1,450% in the first half of 2025
• ChatGPT vulnerabilities are enabling attackers to steal private data from hundreds of millions of users through 0-click attacks and memory poisoning techniques
• The "two million cybersecurity jobs" narrative gets debunked with real data showing only 514,000 actual openings, explaining why qualified professionals struggle to find work

A quick note before we dive in.

Industry News

OWASP Releases Top 10 Application Security Risks for 2025

• OWASP has published the Top 10:2025 release candidate featuring two new categories and one consolidation, with Broken Access Control maintaining its #1 position while Security Misconfiguration jumps from #5 to #2 based on data from 2.8 million tested applications.

• The new Software Supply Chain Failures category expands beyond vulnerable components to encompass broader ecosystem compromises including build systems and distribution infrastructure, ranking #3 despite limited testing data but showing the highest average exploit and impact scores from CVEs.

• A tenth new category called Mishandling of Exceptional Conditions addresses improper error handling and logical errors, while the methodology now analyzes 589 CWEs (up from 400 in 2021) grouped into categories focusing on root causes rather than symptoms.

Unit 42 Discovers LANDFALL Android Spyware Exploiting Samsung Zero-Day Vulnerability

• Researchers uncovered LANDFALL, a previously unknown Android spyware family targeting Samsung Galaxy devices through CVE-2025-21042, a zero-day vulnerability in Samsung's image processing library that was actively exploited in the wild before being patched in April 2025.

• The spyware was delivered via malicious DNG image files likely sent through WhatsApp, enabling comprehensive surveillance capabilities including microphone recording, location tracking, and collection of photos, contacts, and call logs on targeted devices in the Middle East.

• LANDFALL shares infrastructure and tradecraft patterns with commercial spyware operations, indicating possible links to private-sector offensive actors (PSOAs), with similarities observed to Stealth Falcon activity and references to "Bridge Head" terminology commonly used by commercial spyware vendors.

Scattered LAPSUS$ Hunters Emerges as Federated Cybercriminal Brand Combining Legacy Groups

• A new cybercriminal umbrella brand called Scattered LAPSUS$ Hunters (SLH) emerged in August 2025, appropriating reputational assets from Scattered Spider, ShinyHunters, and LAPSUS$ groups while operating through a federated model rather than a formal merger of the original entities.

• The group operates primarily through Telegram channels that have been recreated at least 16 times following takedowns, offering Extortion-as-a-Service capabilities and targeting cloud-first environments including SaaS providers, CRMs, and database systems for data theft and extortion.

• SLH demonstrates advanced technical capabilities including AI-automated vishing, exploit development targeting CVE-2025-61882 (Oracle E-Business Suite) and CVE-2025-31324 (SAP NetWeaver), with evidence suggesting fewer than five core operators control approximately 30 public personas through sophisticated sockpuppetry.

In this week's brief:

• YouTube's become a malware playground with over 3,000 malicious videos targeting gamers and software crackers - Check Point found this network has been operating since 2021 and attacks tripled this year
• AI-generated code is creating serious security headaches with 70% of organizations finding vulnerabilities in AI-written code, which now makes up nearly a quarter of all production code
• The cybersecurity job market is brutal right now - even experienced professionals from major tech companies are struggling to land new roles, with some positions getting 5,000 applications in 72 hours

A quick note before we dive in.

Industry News

Check Point Exposes YouTube Ghost Network Distributing Malware Through 3,000+ Videos

• Check Point Research discovered a sophisticated YouTube malware distribution network operating since 2021, using over 3,000 malicious videos to distribute infostealers like Rhadamanthys and Lumma. The network employs compromised accounts with specialized roles – video uploaders, community post managers, and engagement manipulators – to create false legitimacy through positive comments and likes.

• The network primarily targets users seeking game hacks (especially Roblox with 380 million monthly users) and software cracks (particularly Adobe products like Photoshop). The most viewed malicious video garnered 293,000 views promoting cracked Adobe Photoshop, while actors frequently update payloads every 3-4 days and rotate C2 servers to evade detection.

• Malicious videos tripled in 2025 compared to previous years, with threat actors shifting from Lumma to Rhadamanthys infostealer following Lumma's disruption by law enforcement. Videos redirect users to phishing pages on Google Sites or file-sharing platforms, distributing password-protected archives that commonly instruct victims to disable Windows Defender before execution.

10 Typosquatted npm Packages Deploy Multi-Stage Credential Harvester

• Socket's Threat Research Team discovered 10 malicious npm packages using typosquatting to mimic popular libraries like TypeScript, discord.js, and ethers.js. The packages automatically execute via postinstall hooks, spawn new terminal windows to avoid detection, and use four layers of obfuscation including XOR encryption and control flow obfuscation to hide their payload.

• The malware displays a fake CAPTCHA prompt for social engineering, performs IP fingerprinting against the C2 server at 195.133.79.43, then downloads a 24MB PyInstaller-packaged information stealer called data_extracter. This cross-platform stealer harvests credentials from system keyrings, browsers, SSH keys, and authentication tokens across Windows, Linux, and macOS.

• Published by threat actor andrew_r1 on July 4, 2025, the packages remained live for over four months and accumulated 9,900+ downloads. Organizations should audit dependencies immediately, assume compromised systems, reset all stored credentials, revoke authentication tokens, and implement Socket's supply chain protection tools to prevent similar attacks.

Google Confirms Active Exploitation of Critical Windows WSUS Vulnerability

• Google's Threat Intelligence Group reports UNC6512 threat actor actively exploiting CVE-2025-59287 across multiple victim organizations, with attackers conducting reconnaissance and exfiltrating data from compromised hosts.

• The vulnerability affects Windows Server Update Services with an unauthenticated remote code execution flaw stemming from insecure deserialization – Microsoft's initial October patch was incomplete, requiring an emergency fix last Thursday.

• Researchers observe approximately 100,000 exploitation attempts in seven days targeting publicly exposed WSUS instances on default TCP ports 8530/8531, with attackers using PowerShell commands to gather network intelligence before data exfiltration.

In this week's brief:

• AWS suffered a major outage when a DNS race condition in DynamoDB brought down multiple services across US-EAST-1, showing how cascading failures can impact entire cloud regions
• GlassWorm malware is targeting VS Code extensions using invisible Unicode characters and an unkillable blockchain-based command structure that's nearly impossible to take down
• Microsoft deployed 14 Deputy CISOs to handle security across their massive organization, offering insights into how large enterprises are restructuring security leadership

A quick note before we dive in.

Industry News

AWS DynamoDB DNS Race Condition Causes Major Multi-Service Outage in US-EAST-1

• A race condition in DynamoDB's automated DNS management system caused the regional endpoint to resolve to an empty record, preventing new connections to the service from 11:48 PM on October 19 to 2:40 AM on October 20, 2025. The bug occurred when two DNS Enactors processed plans simultaneously, with one applying an outdated plan that was then deleted by cleanup processes, leaving the system in an inconsistent state requiring manual intervention.

• The DynamoDB outage cascaded to cause EC2 instance launch failures lasting until 1:50 PM on October 20 due to the DropletWorkflow Manager's dependency on DynamoDB for maintaining server leases. When leases timed out, the system entered congestive collapse and couldn't establish new droplet leases, requiring engineers to throttle incoming work and selectively restart DWFM hosts to recover capacity.

• Multiple AWS services including Lambda, ECS, EKS, Fargate, Connect, STS, IAM authentication, Redshift, and Support Console experienced significant disruptions, with some services like Connect experiencing busy tones and failed connections, while Redshift clusters remained in "modifying" states that prevented query processing even after DynamoDB recovery.

GlassWorm Self-Propagating Worm Uses Invisible Unicode Code Against VS Code Extensions

• Researchers discovered the first self-propagating worm targeting VS Code extensions on OpenVSX marketplace, affecting 10,711 installations across seven compromised extensions. The malware uses invisible Unicode characters to hide malicious code that becomes completely transparent in code editors and bypasses traditional code review processes.

• GlassWorm employs an unkillable command and control infrastructure using the Solana blockchain as its primary C2 server, with Google Calendar as backup. This immutable, decentralized approach makes takedowns impossible while enabling dynamic payload updates for less than a penny per transaction.

• The final payload transforms infected developer workstations into criminal infrastructure through SOCKS proxy servers, hidden VNC access, and peer-to-peer communication channels. The worm harvests credentials from 49 cryptocurrency wallet extensions, NPM tokens, and GitHub credentials to automatically spread to additional packages and extensions.

LayerX Discovers CometJacking Vulnerability in Perplexity's AI Browser

• Researchers found that a single weaponized URL can hijack Perplexity's Comet AI browser to steal sensitive data from connected services like Gmail and Calendar without requiring credential phishing, simply by tricking users into clicking a malicious link.

• The attack exploits URL parameters to force the AI to prioritize user memory over web searches, then instructs it to encode stolen data in base64 format and POST it to attacker-controlled servers, effectively bypassing Perplexity's built-in exfiltration protections.

• Despite LayerX's responsible disclosure in August 2025, Perplexity marked the findings as "Not Applicable," highlighting the emerging security risks of agentic browsers where AI assistants have trusted access to personal and corporate data sources.

In this week's brief:

• F5 confirms a nation-state breach that exposed BIG-IP source code and undisclosed vulnerabilities, reminding us that even security vendors aren't immune to persistent attacks
• AI security incidents more than doubled in 2025 with prompt injection attacks now accounting for 35% of all documented incidents and causing six-figure financial losses
• 90% of security leaders say managing cyber risk is harder now than five years ago, yet only 19% rate their programs as mature - highlighting the growing complexity we're all facing

A quick note before we dive in.

Industry News

F5 Breach Exposes BIG-IP Source Code – Nation-State Hackers Behind Massive Intrusion

• F5 disclosed that a nation-state threat actor gained persistent access to their network and stole BIG-IP source code along with information about undisclosed vulnerabilities, with the breach discovered on August 9, 2025.

• The attackers accessed F5's product development environment and knowledge management platform, exfiltrating configuration and implementation information affecting a small percentage of customers who will be directly notified.

• F5 has engaged Google Mandiant and CrowdStrike for incident response, implemented enhanced security controls, and advises users to apply the latest updates for BIG-IP, F5OS, BIG-IP Next for Kubernetes, BIG-IQ, and APM clients immediately.

North Korean UNC5342 Threat Actor Adopts EtherHiding Technique for Cryptocurrency Theft

• Google Threat Intelligence observed UNC5342 using EtherHiding to deliver JADESNOW malware through fake job interviews – marking the first time a nation-state actor has adopted this blockchain-based technique that stores malicious payloads in smart contracts on BNB Smart Chain and Ethereum, making takedowns nearly impossible.

• The social engineering campaign targets cryptocurrency developers with fraudulent job interviews, deploying a multi-stage infection chain where JADESNOW downloads INVISIBLEFERRET backdoor from blockchain transactions, ultimately leading to cryptocurrency wallet theft and credential harvesting from browsers and password managers.

• While the blockchain storage provides resilience against traditional blocking methods, the attack still relies on centralized API services to interface with blockchains – creating potential mitigation opportunities through Chrome Enterprise policies that block dangerous downloads and enforce managed browser updates.

Attackers Exploit Cisco SNMP Vulnerability CVE-2025-20352 to Deploy Rootkits in Operation Zero Disco

• Threat actors leveraged CVE-2025-20352, a Cisco SNMP vulnerability in both 32-bit and 64-bit switch builds, to achieve remote code execution and deploy Linux rootkits on unprotected devices, primarily targeting Cisco 9400, 9300, and legacy 3750G series switches.

• The rootkit establishes persistent access through a universal password containing "disco" and installs hooks into IOSd memory space, enabling attackers to disable logging, bypass authentication, hide configuration changes, and control network traffic through UDP listeners on any port.

• Attackers used sophisticated lateral movement techniques including ARP spoofing to impersonate waystation IP addresses, bypass internal firewalls, and move between network zones while evading detection through log manipulation and configuration hiding capabilities.

In this week's brief:

• A perfect 10.0 CVSS vulnerability dubbed RediShell is exposing 330,000 Redis instances worldwide, allowing attackers to escape Lua sandbox and achieve complete system compromise
• Half of enterprise networks are too outdated to support AI initiatives according to IDC, with 94% saying their infrastructure limits large data and AI projects
• 70% of job openings never make it to LinkedIn according to a former hiring manager, meaning you're competing with 1,500+ people for the visible 30%

A quick note before we dive in.

Industry News

RediShell: Critical Redis RCE Vulnerability Exposes 330,000 Internet-Facing Instances

• Wiz Research discovered CVE-2025-49844, a use-after-free memory corruption vulnerability in Redis that allows attackers to escape the Lua sandbox and achieve arbitrary code execution with a CVSS 10.0 rating – the highest possible severity.

• The vulnerability affects approximately 330,000 internet-exposed Redis instances globally, with about 60,000 lacking authentication and 57% of cloud environments running Redis as container images with potentially insecure default configurations.

• Successful exploitation enables complete system compromise including credential theft, malware installation, data exfiltration, and lateral movement within cloud environments using stolen IAM tokens and certificates.

ZDI Discloses 13 Unpatched Ivanti Endpoint Manager Vulnerabilities

• Trend Micro's Zero Day Initiative published advisories for 13 unpatched vulnerabilities in Ivanti Endpoint Manager, with CVSS scores ranging from 7.2 to 8.8. One flaw allows local privilege escalation while 12 enable remote code execution.

• All vulnerabilities stem from improper validation of user-supplied input, leading to SQL injection and deserialization attacks. The bugs affect various components including AgentPortal service, Report_RunPatch, DBDR, and PatchHistory classes.

• Ivanti initially requested patches by September 2025 but later extended the timeline to March 2026 for all 12 RCE flaws. ZDI disclosed the vulnerabilities after the 120-day disclosure window expired without adequate vendor response.

Cursor IDE Case-Sensitivity Bug Enables Remote Code Execution

• A case-sensitivity vulnerability in Cursor IDE allowed attackers to bypass file protections by using variations like .cUrSoR/mcp.json instead of .cursor/mcp.json, which the IDE treated as different files while the operating system treated them as identical on Windows and macOS.

• The flaw could lead to remote code execution by enabling attackers to inject malicious configuration files, register unauthorized plugins, or modify build tasks that execute arbitrary shell commands without triggering Cursor's security confirmation prompts.

• Cursor patched the vulnerability in version 1.7 by normalizing file paths and implementing case-insensitive comparisons, but the incident highlights broader security challenges as AI-powered development tools gain more autonomous capabilities to modify system configurations.

In this week's brief:

• Red Hat confirms a security incident following claims that hackers breached their GitLab repositories, though details about the scope remain limited
• AI code generation creates more problems than it solves with research showing vulnerabilities increase by 37.6% after just five iterations of AI improvements
• Senior cybersecurity professionals are hitting walls in today's job market, with experienced candidates submitting hundreds of applications and getting nowhere

A quick note before we dive in.

Industry News

Red Hat Confirms Security Incident After Hackers Claim GitLab Breach

• Red Hat acknowledged a security incident following claims by threat actors that they breached the company's systems and accessed sensitive data from their GitLab repositories.

• The incident appears to involve unauthorized access to Red Hat's development infrastructure, though the company has not disclosed specific details about the scope or nature of the breach.

• Red Hat is currently investigating the incident and working to determine what data may have been compromised, while implementing additional security measures to prevent further unauthorized access.

North Korea's Fake Recruiters Feed Stolen Data to IT Workers

• DeceptiveDevelopment campaign targets cryptocurrency and DeFi developers through fake job offers on LinkedIn and Upwork, deploying malware including BeaverTail, InvisibleFerret, and Tropidoor to steal credentials and infect systems.

• Stolen developer identities are supplied to North Korean fraudulent IT workers tracked as WageMole, who use this information along with proxy interviewing and AI-generated synthetic identities to obtain remote work at western companies.

• The operation extends beyond programming roles into civil engineering and architecture, with North Korean workers impersonating legitimate companies and producing falsified engineering drawings with fake approval stamps.

SORVEPOTEL Malware Spreads Through WhatsApp Targeting Brazilian Users

• The malware spreads via phishing messages containing malicious ZIP files that appear to come from trusted contacts, specifically targeting desktop users with Portuguese messages instructing them to download and open attachments on their PCs.

• Once executed, SORVEPOTEL establishes persistence by copying itself to the Windows Startup folder and hijacks active WhatsApp Web sessions to automatically send the same malicious ZIP file to all contacts and groups in the victim's account.

• The campaign has primarily impacted Brazil with 457 of 477 detected cases, focusing on government and public service organizations but also affecting manufacturing, technology, education, and construction sectors through automated propagation rather than data theft.

The Qantas CEO taking an $800K pay cut for a data breach feels like a turning point - finally seeing real accountability at the top instead of security teams taking all the heat.

In this week's brief:

• A critical Azure flaw that could have given attackers silent access to any Microsoft tenant worldwide - thankfully patched quickly
• Deepfake losses hit $347M this quarter alone, with incidents doubling every six months
• Industry veterans are calling out the cybersecurity job shortage myth, saying most openings are just backfills

A quick note before we dive in.

Industry News

Verified Steam Game Steals Streamer's Cancer Treatment Donations

• A verified Steam game called BlockBlasters was updated with a cryptodrainer component that stole $32,000 from a cancer patient's wallet during a fundraising livestream for his treatment.

• Security researchers report the malware affected approximately 261-478 Steam users, stealing a total of $150,000, with victims being specifically targeted based on their cryptocurrency holdings.

• The game contained sophisticated malware components including a Python backdoor and StealC payload that collected Steam login information and uploaded it to command and control servers.

Actor Tokens Vulnerability Allowed Complete Access to Every Entra ID Tenant

• A critical vulnerability in the Azure AD Graph API failed to properly validate tenant origins when processing undocumented impersonation "Actor tokens" used by Microsoft for service-to-service communication, allowing attackers to access any Entra ID tenant globally with no logs or evidence.

• The impact was catastrophic – an attacker could impersonate any user (including Global Admins) in any tenant, bypass Conditional Access policies, and make any modification to the directory without generating logs in the victim's tenant, effectively allowing complete Microsoft 365 and Azure resource compromise.

• Microsoft fixed the issue within days of receiving the report on July 14, 2025, rolled out additional mitigations preventing applications from requesting these tokens, and issued CVE-2025-55241 to address this flaw that Microsoft's telemetry indicates was not exploited in the wild.

State-Sponsored Threat Actor Exploits Multiple Zero-Day Vulnerabilities in Cisco ASA and FTD Software

• Cisco identified a state-sponsored threat actor actively exploiting multiple zero-day vulnerabilities in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software for data exfiltration from government networks.

• The three critical vulnerabilities (CVE-2025-20333, CVE-2025-20362, CVE-2025-20363) allow attackers to execute arbitrary code, with the first two already under active exploitation in the wild and the third at high risk of imminent exploitation.

• The U.K.'s NCSC identified RayInitiator (multi-stage bootkit) and LINE VIPER (shellcode loader) malware families being used in these attacks, with the malware designed to survive reboots and firmware upgrades.

In this week's brief:

• CrowdStrike's npm packages got hit by the Shai-Hulud supply chain attack, affecting over 526 packages and showing how sophisticated these attacks have become
• 71.7% of workplace AI tools are classified as high or critical risk, with most enterprise data flowing to risky platforms rather than secure alternatives
• Experienced cybersecurity professionals are struggling in an unprecedented job market, with some reporting over 1,000 applications without success

A quick note before we dive in.

Industry News

Shai-Hulud Supply Chain Attack Targets CrowdStrike npm Packages

• Multiple npm packages published under CrowdStrike's account were compromised in an ongoing supply chain attack called "Shai-Hulud" that previously affected tinycolor and 40+ other packages. The attack uses identical malware that scans systems for tokens/credentials and exfiltrates sensitive data.

• The malware evolved through seven distinct versions, becoming increasingly stealthy and efficient. It self-propagates by stealing credentials to modify and republish packages, adding a malicious bundle.js file that executes automatically via postinstall scripts.

• Over 526 packages were affected, with more than 100 packages compromised in a single burst targeting CrowdStrike. Organizations should rotate npm tokens, audit environments that installed affected packages, and monitor for unusual publish events.

ShadowLeak: Zero-Click Attack Exfiltrates Sensitive Data via ChatGPT's Deep Research Agent

• Researchers discovered a zero-click vulnerability in ChatGPT's Deep Research agent that allows attackers to craft malicious emails that trick the agent into leaking sensitive inbox data with no user action required or visible indication.

• Unlike previous attacks requiring client-side image rendering, this service-side exfiltration occurs entirely from OpenAI's cloud environment, making it invisible to traditional enterprise security controls and applicable across multiple data connectors beyond Gmail.

• The attack used sophisticated social engineering techniques embedded in HTML emails to bypass the agent's safety restrictions, achieving 100% success rate by encoding stolen data in Base64 format before exfiltration.

SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers

• SonicWall detected suspicious activity targeting their cloud backup service, with unknown threat actors accessing encrypted firewall configuration files for less than 5% of customers through a series of brute-force attacks.

• While credentials within the compromised files were encrypted, the files contained information that could help attackers potentially exploit the related firewalls, prompting SonicWall to urge immediate password resets.

• The company recommends affected customers take urgent containment actions including limiting WAN access, disabling management services and VPN access, resetting passwords, and importing fresh preferences files provided by SonicWall with randomized credentials.

The renewable energy transition is turning into a cybersecurity nightmare for European utilities, with attacks jumping 586% last year alone - seems like going green comes with some unexpected red flags.

In this week's brief:

• HybridPetya ransomware surfaces with UEFI Secure Boot bypass capabilities, marking the fourth bootkit of its kind we've seen
• Hexstrike-AI drops as a game-changing framework that lets threat actors orchestrate 150+ AI agents to exploit targets in under 10 minutes
• Web3 white hats are making millions from bug bounties while traditional cybersecurity salaries look increasingly modest in comparison

A quick note before we dive in.

The disconnect between C-suite confidence and frontline reality continues to widen, with executives feeling twice as confident about cyber readiness compared to the managers actually dealing with daily threats.

In this week's brief:

• Threat actors are getting creative by exploiting Grok AI on X to spread malicious links through hidden metadata fields
• Shadow AI usage has exploded 200% across enterprises, with companies now juggling an average of 320 AI applications outside IT oversight
• SOC analyst burnout is reaching crisis levels due to chaotic scheduling and toxic management practices at understaffed centers

A quick note before we dive in.

Industry News

Threat Actors Abuse X's Grok AI to Spread Malicious Links

• Malicious advertisers are exploiting a loophole where they hide malicious links in the "From:" metadata field of video ads on X, which isn't scanned by the platform's security filters.

• When users ask Grok about these posts, the AI assistant extracts and shares the hidden links as clickable URLs, effectively bypassing X's link posting restrictions while gaining credibility from Grok's trusted system account status.

• This technique, dubbed "Grokking" by researcher Nati Tal, has helped some malicious ads reach millions of impressions, leading to various scams and information-stealing malware.

GhostRedirector Poisons Windows Servers with Backdoors and SEO Fraud Tools

• ESET researchers identified a China-aligned threat actor named GhostRedirector that compromised at least 65 Windows servers primarily in Brazil, Thailand, and Vietnam using a passive C++ backdoor (Rungan) and a malicious IIS module (Gamshen) for SEO fraud.

• The attackers use EfsPotato and BadPotato exploits to create privileged users on compromised servers, ensuring persistent access even if their malware is removed, and deploy various webshells for maintaining access to the systems.

• GhostRedirector's SEO fraud scheme uses the Gamshen module to manipulate Google search results by hijacking responses only for Googlebot requests, artificially promoting gambling websites without affecting regular visitors of the compromised sites.

VirusTotal Uncovers Undetected Colombian Malware Campaign Using SVG Files

• VirusTotal's Code Insight detected a sophisticated phishing campaign impersonating the Colombian justice system through SVG files that went completely undetected by all antivirus engines.

• The malicious SVGs execute embedded JavaScript to render a fake government portal, simulate a document download with progress bar, while secretly downloading a malicious ZIP archive in the background.

• Investigation revealed 523 samples dating back to August 2025, with attackers using polymorphism techniques and Spanish-language code comments to evade detection while targeting Colombian users via email.

"We checked every box," he told me. "But we still got breached."

This story isn't unique. It's become the norm for growing B2B companies who mistake compliance for actual cybersecurity.

The Backwards Approach That's Sabotaging Your Security

Most companies I advise through fractional CISO services follow the same predictable pattern. They start by selecting a compliance framework - usually ISO 27001 or SOC 2 because enterprise customers demand it. Then they work backwards, implementing controls and writing policies designed to satisfy auditors rather than prevent actual threats.

The result? Companies end up with elaborate documentation systems and expensive compliance tools, but their actual security posture remains fundamentally weak. They can produce impressive-looking security policies on demand, but they can't detect when attackers are already inside their systems.

This compliance-first mentality creates several critical blind spots:

Documentation Over Detection: Teams spend months crafting incident response procedures that look good on paper, but they've never tested whether they can actually detect an incident in progress. I've seen companies with 47-page incident response playbooks discover breaches weeks after they occurred because they had no real-time monitoring capabilities.

Process Over Protection: Organizations implement complex access control policies to satisfy auditors, but they don't address the fundamental issue that 73% of their employees are sharing passwords through Slack messages. The policy says "multi-factor authentication required," but the implementation is so cumbersome that people routinely bypass it.

Audit Theater Over Asset Security: Companies catalog their assets and assign risk ratings because the framework demands it, but they don't actually know which systems contain their most sensitive customer data or how those systems connect to each other. When a breach occurs, they spend days just figuring out what was compromised.

Why Smart Auditors Actually Prefer Security-First Programs

Here's what most CTOs and founders don't realize: experienced auditors can immediately tell the difference between a compliance program built for show and a security program built for business protection.

When I work with companies as their fractional CISO, we focus on building security programs that auditors actually respect. The approach is counterintuitive but consistently more effective.

Instead of starting with framework requirements, we begin by identifying the company's actual business risks. What would happen if customer payment data was compromised? How much revenue would the company lose during a week-long system outage? Which third-party integrations create the highest risk exposure?

Once we understand the real business impact, we build security controls that directly address these risks. Then - and only then - we document our decisions and map them to compliance requirements.

The difference in audit outcomes is remarkable. When auditors see security programs built on genuine business risk analysis, they ask fewer challenging questions and accept explanations more readily. They can see that security decisions were made for legitimate business reasons, not just to check compliance boxes.

A Quick note

Is security blocking your next enterprise deal?

Let's discuss how fractional CISO services can unlock your pipeline without the full-time overhead.

Book a Free Discovery Call

The Security-First Approach That Actually Works

After implementing this approach across dozens of B2B companies through fractional CISO engagements, I've identified the pattern that consistently delivers both strong security and smooth compliance outcomes.

Start With Business Context: Before writing a single policy, understand what you're actually protecting. Map your customer data flows, identify your revenue-critical systems, and quantify the business impact of different types of security incidents. This business context becomes the foundation for every security decision you make.

Build Detection Before Documentation: Implement monitoring and threat detection capabilities first. You need to know when something bad is happening before you worry about having the perfect incident response procedure. Companies that can detect and contain threats quickly consistently outperform those with elaborate but untested response plans.

Test Everything Under Pressure: Design security controls that work during actual business pressure, not just during audit demonstrations. If your access control system is so complex that developers disable it during critical deployments, you don't have security - you have security theater.

Document Decisions, Not Just Processes: When auditors review your program, they want to understand why you made specific security investments. Document the business rationale behind your security architecture decisions. Explain why you chose endpoint detection over network monitoring, or why you prioritized identity management over data encryption. This context demonstrates genuine security thinking rather than checkbox compliance.

What This Looks Like in Practice

One of my fractional CISO clients, a B2B SaaS company with 120 employees, exemplifies this approach. Instead of starting with ISO 27001 requirements, we spent our first month understanding their business model and identifying their highest-impact security risks.

We discovered that their biggest vulnerability wasn't technical - it was operational. Customer support agents had broad database access because the previous CTO believed role-based access control was "too complicated for a startup." This single issue created more business risk than all the technical vulnerabilities in their codebase combined.

Rather than implementing the traditional ISO 27001 access control documentation, we built a practical access management system based on actual job functions and business processes. Support agents could still resolve customer issues quickly, but they couldn't access financial data or modify user accounts.

When their ISO 27001 audit occurred six months later, the auditor spent less than an hour reviewing access controls because the business rationale was immediately clear. The system was designed to support business operations while preventing data misuse - exactly what the auditor wanted to see.

The company achieved ISO 27001 certification in record time and simultaneously reduced their security risk exposure by an estimated 67%. More importantly, their enterprise sales cycle shortened by an average of six weeks because prospects had confidence in their security posture.

Why This Approach Accelerates Enterprise Sales

For growing B2B companies, the security-first approach creates a significant competitive advantage in enterprise sales cycles. When prospects ask about your security program, you can demonstrate genuine security thinking rather than just showing compliance certificates.

Enterprise buyers are increasingly sophisticated about cybersecurity. They've seen too many vendors with impressive compliance credentials suffer embarrassing breaches. They want to work with companies that understand security as a business enabler, not just a regulatory requirement.

When your security program is built on real business risk analysis, you can have confident conversations with enterprise prospects about their specific security concerns. Instead of fumbling through generic compliance documentation, you can explain exactly how your security architecture protects their data and supports business continuity.

This confidence translates directly into shorter sales cycles and higher win rates for enterprise deals.

The Fractional CISO Advantage for Growing Companies

Most growing B2B companies face a fundamental challenge: they need enterprise-grade security expertise, but they're not ready for a full-time CISO hire. The typical CISO salary ranges from €150,000 to €250,000 annually, plus equity and benefits - a significant investment for companies still scaling their core business operations.

Fractional CISO services provide access to senior security leadership without the full-time overhead. You get strategic security guidance from someone who has built security programs across multiple industries and growth stages, but you only pay for the time you actually need.

More importantly, fractional CISOs bring pattern recognition from working with many companies. We can quickly identify which security investments will have the highest business impact and which compliance requirements you can address more efficiently.

A Quick note

Is security blocking your next enterprise deal?

Let's discuss how fractional CISO services can unlock your pipeline without the full-time overhead.

Book a Free Discovery Call

Getting Started: Your Next Steps

If your company is currently building security around compliance requirements, you're not alone - but you can change direction before it becomes a bigger problem.

Start by asking yourself these questions: What would actually happen to your business if your systems were compromised tomorrow? Which of your current security investments directly address your highest business risks? Can you explain to an enterprise prospect why your security program is designed the way it is?

If you can't answer these questions confidently, your security program might be built backwards.

The good news is that it's never too late to refocus on security-first principles. Companies that make this transition consistently achieve better security outcomes and smoother compliance processes.

Whether you work with fractional CISO services or build internal security capabilities, remember that compliance should validate your security decisions, not drive them.

About Mandos: Mandos provides fractional CISO services for growing B2B companies across Europe. We help organizations build lean security programs that accelerate business growth while achieving compliance requirements like ISO 27001 and SOC 2. Our security-first approach has helped companies reduce sales cycles, pass audits, and prevent breaches.

The disconnect between what executives think AI is doing for their security teams versus what analysts actually experience on the ground is becoming impossible to ignore - and it's a conversation every security leader needs to have this week.

In this week's brief:

• ESET discovered the first AI-powered ransomware that writes its own malicious code using publicly available AI models
• A major study reveals 71% of executives believe AI significantly improves security productivity, but only 22% of the analysts using these tools daily actually agree
• The cybersecurity job market continues tightening as companies cut training programs and expect new hires to already have enterprise experience

Industry News

First Known AI-Powered Ransomware Uncovered By ESET Research

• ESET researchers discovered "PromptLock" - the first known AI-powered ransomware that uses the gpt-oss-20b model via Ollama API to generate malicious Lua scripts on the fly for data exfiltration and encryption.

• The malware is written in Golang with both Windows and Linux variants identified, though it appears to be a proof-of-concept rather than having been deployed in actual attacks.

• This discovery demonstrates how publicly-available AI tools could dramatically lower the barrier for attackers to create sophisticated ransomware that can adapt to environments at unprecedented speed and scale.

Docker Desktop Vulnerability Allows Container Escape (CVE-2025-9074)

• A critical vulnerability in Docker Desktop for Windows and MacOS exposes the Docker Engine socket without authentication, allowing attackers to break container isolation and potentially access the host filesystem.

• On Windows, attackers can mount the entire filesystem with administrator privileges, read sensitive files, and even escalate to system administrator by overwriting DLLs, while MacOS impact is limited by additional security layers.

• The issue is fixed in Docker Desktop version 4.44.3 - Linux users are not affected as they use named pipes instead of TCP sockets for the Docker Engine API.

Storm-0501 Shifts To Cloud-Based Ransomware Tactics

• Financially motivated threat actor Storm-0501 has evolved from deploying traditional on-premises ransomware to using cloud-based tactics that leverage exfiltration of large data volumes and destruction of data/backups without malware deployment.

• The attack chain begins with on-premises Active Directory compromise, then pivots to Microsoft Entra ID through compromised Directory Synchronization Accounts, eventually elevating to Global Administrator privileges to access and control Azure resources.

• After gaining control, the actor deletes or encrypts critical storage accounts and disables protections like resource locks and immutability policies, then demands ransom through Microsoft Teams using compromised accounts.

It seems we're drowning in our own data - with 61% of security teams overwhelmed by threat intelligence feeds while lacking the skilled analysts to make sense of it all.

In this week's brief:

• Initial Access Brokers are shifting their sights to smaller US companies with weaker defenses, while VPN access becomes their new favorite entry point
• AI adoption is exploding across enterprises, but security teams can only see about 20% of what's actually being used - creating some serious blind spots
• A SOC Lead candidate got rejected mid-interview for not knowing a specific tool, sparking debate about what really matters in security hiring

A quick note before we dive in.

A Quick note

Is security slowing your business growth? Want your security team to actually drive revenue instead of just saying "no" to everything?

I transform security into your secret weapon for winning deals.

Let's fix this.

Book a Free Discovery Call

Industry News

Initial Access Brokers Target US Companies While Shifting Focus to Smaller Organizations

• Initial Access Brokers (IABs) primarily targeted the US (31%) in 2023, while France and Brazil saw increased targeting in 2024, with a 90% increase in accesses for sale across the top 10 targeted countries – suggesting ransomware actors are concentrating on specific geographic regions.

• The manufacturing sector has risen into the top 3 targeted industries in 2024, joining business services and retail, while IABs have shifted focus to smaller organizations with revenue between $5M-$50M (60.5% of all listings), potentially due to their weaker security posture.

• VPN access has surged in 2024 (33% of listings), challenging RDP access (55%) as the preferred access type sold by IABs, with most access listings priced between $500-$3,000, though high-value targets can exceed $10,000.

Threat Actor Offering 15.8 Million PayPal Credentials For Sale

• A threat actor named "Chucky_BF" is advertising a "Global PayPal Credential Dump 2025" containing 15.8 million plain-text password and email combinations with associated PayPal URLs for just $750.

• The 1.1GB dataset likely originated from infostealer malware logs rather than a direct PayPal breach, containing login details collected from infected devices worldwide across multiple email providers.

• The data includes specific PayPal endpoints like /signin and /signup, along with Android-specific URIs, potentially enabling automated credential stuffing attacks against both web and mobile services.

Workday Discloses Data Breach Following Salesforce Attack

• HR giant Workday confirmed a data breach after threat actors gained access to their third-party CRM platform through a social engineering campaign, primarily exposing business contact information such as names, email addresses, and phone numbers.

• The breach is part of a larger campaign linked to the ShinyHunters extortion group targeting Salesforce instances, with attackers using social engineering and voice phishing techniques to trick employees into linking malicious OAuth apps.

• Workday, which serves over 11,000 organizations including more than 60% of Fortune 500 companies, discovered the breach on August 6 and emphasized that no customer tenants or the data within them were accessed during the incident.

His company had just lost a $2M enterprise deal because they couldn't answer security questions during the vendor assessment. The procurement team asked about their incident response plan, data encryption standards, and compliance frameworks. His CTO scrambled to provide technical documentation that missed the point entirely.

"We have great security," he told me, frustrated. "Our infrastructure is solid, we use multi-factor authentication, and our developers follow secure coding practices. Why wasn't that enough?"

The answer reveals a fundamental misunderstanding that's costing growing B2B companies millions in lost revenue and putting their entire business at risk.

The Million-Dollar Reframing That Changes Everything

What I've learned from building cybersecurity programs for dozens of organizations that have never done this before is that success starts with taking the first step to frame cybersecurity broadly.

It's not a technical problem.

Of course there are technical aspects to it, but cybersecurity is part of the larger enterprise risk management strategy that keeps everyone inside and outside of your organization safe. This includes your employees, your clients, your partners, and your business reputation.

When you frame cybersecurity this way, suddenly the conversation changes from "why do we need another IT expense?" to "how do we protect our business and the people who trust us?"

The CEO stops seeing cybersecurity as something the tech team handles in the background and starts seeing it as something that directly affects customer trust, regulatory compliance, and business continuity. This shift in perspective makes it dramatically easier to get budget, resources, and organizational buy-in.

Because now you're not asking for security tools – you're asking for business protection.

Why Technical Excellence Isn't Enough for Enterprise Deals

That SaaS founder's technical security was actually impressive. His team had implemented zero-trust architecture (sort of), automated vulnerability scanning, and comprehensive logging across their infrastructure. From a purely technical standpoint, they were more secure than many Fortune 500 companies.

But enterprise buyers don't evaluate vendor security based on technical implementation alone. They evaluate it based on risk management, governance, and the vendor's ability to protect their business relationship.

When enterprise procurement teams ask about your security program, they're really asking: "Can we trust you to protect our data, maintain business continuity, and help us meet our own compliance requirements?"

Technical security answers the "what" and "how." Strategic cybersecurity leadership answers the "why" and "what happens when things go wrong."

A Quick note

Is security blocking your next enterprise deal?

Let's discuss how fractional CISO services can unlock your pipeline without the full-time overhead.

Book a Free Discovery Call

The Hidden Cost of Treating Security as an IT Problem

Growing B2B companies that treat cybersecurity as purely a technical problem face predictable consequences that compound over time:

Enterprise deals stall or disappear because you can't demonstrate governance, risk management, and compliance readiness that enterprise buyers require.

Regulatory compliance becomes a reactive scramble rather than a competitive advantage, often requiring expensive consultants and delaying market expansion plans.

Security incidents create organizational chaos because there's no clear communication plan, defined roles, or business continuity strategy beyond technical recovery.

Investor due diligence reveals gaps that can delay funding rounds or reduce valuations when security is viewed as a technical afterthought rather than business enabler.

The companies that break through these barriers share one common characteristic: they have strategic cybersecurity leadership that connects security investments to business outcomes.

From Cost Center to Competitive Advantage

The transformation happens when cybersecurity moves from being viewed as a necessary expense to being positioned as business protection and competitive differentiation.

This shift requires someone who can translate technical security controls into business language, demonstrate ROI on security investments, and build programs that actually accelerate business goals rather than obstruct them.

For most growing B2B companies, hiring a full-time CISO represents a significant investment – typically €120K+ annually plus benefits, equity, and the time required to find and onboard the right person. Many companies aren't ready for that level of commitment, but they desperately need the strategic perspective that comes with experienced cybersecurity leadership.

The Strategic Advantage of Fractional Cybersecurity Leadership

Fractional CISO services bridge this gap by providing experienced cybersecurity leadership on a part-time basis, typically 1-3 days per week depending on your company's stage and needs.

This approach offers several strategic advantages for growing B2B companies:

Immediate expertise without hiring delays. Instead of spending months recruiting and onboarding a full-time executive, you get proven cybersecurity leadership that can start making an impact immediately.

Cost-effective strategic guidance. Fractional services typically cost 40-70% less than full-time executive salaries while providing the same level of strategic insight and industry experience.

Scalable engagement model. As your company grows and security needs evolve, the engagement can scale up or transition to internal leadership when the timing and budget align.

External perspective and industry knowledge. Fractional CISOs bring experience from multiple organizations and industries, providing insights that internal teams might miss.

What Strategic Cybersecurity Leadership Actually Looks Like

The difference between technical security management and strategic cybersecurity leadership becomes clear when you examine how each approach handles common business scenarios:

Enterprise sales situations: Technical teams focus on demonstrating security controls and compliance checkboxes. Strategic leadership focuses on positioning security as a competitive advantage that accelerates deal closure and supports premium pricing.

Regulatory compliance requirements: Technical approaches treat compliance as a documentation exercise. Strategic leadership builds compliance programs that streamline operations, reduce business risk, and create competitive differentiation.

Security incident response: Technical teams focus on system recovery and vulnerability patching. Strategic leadership ensures business continuity, stakeholder communication, and organizational learning that strengthens future resilience.

Budget and resource allocation: Technical security asks for tools and technologies based on functional requirements. Strategic leadership demonstrates ROI, business impact, and risk reduction that supports executive decision-making.

A Quick note

Is security blocking your next enterprise deal?

Let's discuss how fractional CISO services can unlock your pipeline without the full-time overhead.

Book a Free Discovery Call

Building Security Programs That Scale With Your Business

The most successful growing B2B companies build cybersecurity programs that evolve with their business model, rather than creating static compliance frameworks that become obstacles to growth.

This requires understanding how security requirements change as companies move through different growth stages:

Early growth (50-200 employees): Focus on foundational security policies, basic compliance frameworks, and security-aware culture that supports rapid scaling without creating operational friction.

Market expansion (200-500 employees): Implement governance frameworks that support enterprise sales, regulatory compliance for new markets, and security architecture that scales with increased complexity.

Enterprise readiness (500+ employees): Establish mature security operations, comprehensive risk management, and security leadership that can represent the company to enterprise customers, regulators, and investors.

Each stage requires different priorities, investments, and leadership approaches. Companies that try to skip stages or implement enterprise-level security too early often create unnecessary complexity and costs. Companies that wait too long to invest in strategic security leadership find themselves blocked from growth opportunities.

The ROI of Strategic Security Investment

When cybersecurity is approached strategically rather than tactically, the return on investment becomes measurable and significant:

Accelerated sales cycles through streamlined security questionnaire responses and confident enterprise customer conversations.

Premium pricing opportunities when security becomes a competitive differentiator rather than a checkbox requirement.

Reduced compliance costs through efficient frameworks that satisfy multiple regulatory requirements simultaneously.

Faster international expansion when security programs are designed to meet diverse regulatory requirements from the beginning.

Higher valuations during funding or acquisition when security is positioned as a business enabler rather than a cost center.

The companies that achieve these outcomes share a common approach: they invest in strategic cybersecurity leadership that connects security decisions to business outcomes.

Making the Strategic Shift

The transition from viewing cybersecurity as a technical problem to embracing it as business protection requires more than just changing terminology or reorganizing responsibilities.

It requires leadership that can bridge the gap between technical security requirements and business strategy, someone who can communicate effectively with both engineering teams and executive stakeholders, and the experience to build security programs that actually accelerate business goals.

For growing B2B companies, fractional CISO services provide the strategic perspective and industry expertise needed to make this transition successfully, without the full-time executive investment that many companies aren't ready to make.

The question isn't whether your growing B2B company needs strategic cybersecurity leadership. The question is whether you'll invest in it proactively to accelerate growth, or reactively after missing opportunities that strategic security leadership could have captured.

About Mandos: Mandos provides fractional CISO and strategic cybersecurity leadership services for growing B2B companies across Europe. Led by Nikoloz Kokhreidze, with 13+ years of experience building security programs at Forbes Cloud 100 FinTech, FMCG multinationals, banking, and global enterprises, Mandos helps companies turn security from a business bottleneck into a competitive advantage.

Ready to discuss your cybersecurity strategy? Book a free 30-minute consultation at http://cal.com/nikolozk/30min

Security budgets hitting a five-year low while threats keep escalating feels like trying to fill a bucket with a bigger hole in the bottom each year.

In this week's brief:

• Cisco patches a maximum severity vulnerability that lets attackers execute remote code on firewall management systems
• New "Man-in-the-Prompt" attacks turn your favorite AI tools into potential data theft machines
• Python skills now showing up in half of all cybersecurity job postings - time to dust off those coding tutorials

A quick note before we dive in.

A Quick note

Is security slowing your business growth? Want your security team to actually drive revenue instead of just saying "no" to everything?

I transform security into your secret weapon for winning deals.

Let's fix this.

Book a Free Discovery Call

Industry News

Cisco Warns of Critical CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution

• Cisco has patched a critical vulnerability (CVE-2025-20265) with maximum CVSS score of 10.0 in Secure Firewall Management Center (FMC) Software, affecting the RADIUS authentication subsystem.

• The flaw allows unauthenticated, remote attackers to inject arbitrary shell commands during authentication that execute with high privileges when the system is configured for RADIUS authentication.

• Cisco also released patches for multiple high-severity bugs affecting various Firewall products, including denial-of-service vulnerabilities in Adaptive Security Appliance and Secure Firewall Threat Defense Software.

Top GenAI Tools Vulnerable to "Man-in-the-Prompt" Attack

• LayerX researchers discovered a new exploit allowing browser extensions to access and manipulate LLM prompts without special permissions, affecting major platforms like ChatGPT (5B monthly visits) and Google Gemini (400M monthly visits).

• The vulnerability enables attackers to turn LLMs into "hacking copilots" that can extract sensitive data, with malicious extensions able to inject hidden instructions, exfiltrate information, and delete evidence of the attack.

• Internal corporate LLMs are especially vulnerable as they contain proprietary datasets and often lack hardening against adversarial input, creating significant risks for intellectual property theft and regulatory compliance violations.

Crypto24 Ransomware Targets Large Organizations With Custom EDR Evasion Tool

• The ransomware group is targeting high-value victims in finance, manufacturing, entertainment, and tech sectors across the US, Europe, and Asia, using a custom variant of RealBlindingEDR to disable security solutions from 12 major vendors.

• After initial access, attackers escalate privileges by activating default admin accounts, create persistence through malicious Windows services (WinMainSvc keylogger and MSRuntime ransomware loader), and deploy custom tools to systematically evade detection.

• Crypto24 uses a custom exfiltration tool that leverages the WinINET API to send stolen data to Google Drive before encrypting files and deleting volume shadow copies to prevent recovery.

The North Korean cryptocurrency heist story this week really shows how social engineering remains one of our biggest blind spots. Even sophisticated organizations are falling for fake freelance job offers that lead to multi-million dollar losses.

In this week's brief:

• Microsoft disclosed a high-severity Exchange vulnerability that lets attackers silently escalate privileges in hybrid cloud setups
• The AI SOC market is exploding with predictions that AI will handle 60% of SOC tasks by 2028 - but are we ready for that shift?
• A SOC manager is struggling to transition back to technical work, highlighting a common career dilemma many of us face

Let's dive in.

Remember 2010? Every technology leader insisted that cloud computing was "too risky" for serious business applications. Companies burned through millions building and maintaining their own data centers, convinced that keeping everything on-premises was the only way to maintain security and control.

Fast forward to today, and I'm seeing the exact same pattern with artificial intelligence.

CTOs and engineering leaders at growing fintech, biotech, and SaaS companies are convincing their boards to invest $20-50 million in on-premises AI infrastructure. They're hiring specialized AI teams, purchasing expensive hardware, and dedicating months of development time to build what they believe will be their competitive moat.

But here's the uncomfortable truth: you're not an AI company, and you never will be.

The Mathematics of Competitive Disadvantage

Let's talk numbers that matter to your business growth.

Microsoft invested over $100 billion in AI development and infrastructure. OpenAI has raised $300 billion and employs some of the world's brightest AI researchers. Google's AI division operates with resources that dwarf most countries' GDP.

Your $50 million AI infrastructure budget? It's not even a rounding error in their calculations.

While your engineering team spends 18 months building yesterday's AI models, your competitors are already leveraging today's cutting-edge APIs to deliver superior customer experiences, automate complex processes, and capture market share.

I've seen this play out with three different clients in the past year. Each company delayed critical product launches by 6-12 months while building "proprietary" AI capabilities that were obsolete before they went live.

A Quick note

Is security blocking your next enterprise deal?

Let's discuss how fractional CISO services can unlock your pipeline without the full-time overhead.

Book a Free Discovery Call

The Real AI Security Challenge (It's Not What You Think)

Here's where most founders and CTOs get it wrong: they think AI security is about controlling the infrastructure.

It's not.

AI security is about controlling data flow, inputs, and outputs. It's about governance frameworks that ensure your company can leverage AI tools safely without exposing sensitive customer data or proprietary information.

The companies that will win the AI adoption race aren't building their own models. They're the ones who figured out how to securely integrate best-in-class AI services into their existing workflows.

This requires a completely different approach to security strategy – one that most growing companies aren't equipped to handle internally.

What Smart Leaders Are Doing Instead

The most successful growing B2B companies I work with have made a fundamental shift in their AI strategy. Instead of asking "How do we build AI?", they're asking "How do we securely consume AI?"

This shift changes everything:

Infrastructure Investment: Instead of spending millions on hardware and specialized talent, they're investing in robust API security, data classification systems, and AI governance frameworks.

Security Approach: Rather than trying to secure their own AI infrastructure, they're implementing controls that allow safe consumption of external AI services while protecting sensitive data.

Competitive Timeline: While competitors spend years building inferior AI capabilities, these companies are already delivering AI-powered features to customers using best-in-class APIs.

Risk Management: They've moved from the high-risk strategy of building unproven technology to the lower-risk approach of securely integrating proven solutions.

The Fractional CISO Advantage in AI Strategy

Most growing companies face a critical gap: they need strategic security leadership for AI adoption, but they're not ready for a full-time CISO hire.

This is where fractional cybersecurity leadership becomes invaluable. An experienced fractional CISO can help you:

• Develop AI governance frameworks that enable safe adoption without slowing innovation
• Implement data classification and protection controls that work with external AI services
• Create security policies that allow your teams to leverage AI tools productively
• Build vendor assessment processes for AI service providers
• Establish incident response procedures for AI-related security events

The Hidden Costs of Getting AI Security Wrong

The companies that try to "figure out" AI security as they go face predictable and expensive consequences:

Regulatory Exposure: AI governance requirements are emerging rapidly across industries. Companies without proper frameworks face compliance risks that can shut down entire product lines.

Data Breaches: Poorly implemented AI integrations become attack vectors. One client avoided a potentially devastating breach only because we caught their development team accidentally training models on customer PII.

Competitive Disadvantage: While you're building AI infrastructure, competitors with better security strategies are already delivering AI-powered features that customers demand.

Investor Concerns: Sophisticated investors now ask detailed questions about AI governance during due diligence. Companies without clear answers find fundraising much more difficult.

Building Your AI Security Strategy: A Practical Framework

The most effective approach I've seen follows a clear progression:

Phase 1: Data Classification and Protection Identify what data can and cannot be processed by external AI services. Implement controls that prevent sensitive information from leaving your environment.

Phase 2: AI Governance Framework Establish policies for AI tool adoption, usage monitoring, and incident response. Create approval processes that balance security with innovation speed.

Phase 3: Secure Integration Architecture Design API security controls, implement monitoring systems, and establish data flow controls that enable safe AI consumption.

Phase 4: Continuous Monitoring and Improvement Deploy systems that track AI usage across your organization and continuously assess emerging risks and opportunities.

Most companies try to tackle all four phases simultaneously and end up with incomplete solutions that create more risk than protection.

A Quick note

Is security blocking your next enterprise deal?

Let's discuss how fractional CISO services can unlock your pipeline without the full-time overhead.

Book a Free Discovery Call

The Bottom Line for Growing B2B Companies

The companies that will dominate their markets over the next five years won't be the ones that built the best AI infrastructure. They'll be the ones that figured out how to securely and strategically consume AI services while their competitors were still arguing about on-premises versus cloud deployment.

Your competitive advantage lies in your core business expertise, not in recreating technology that Microsoft and Google have already perfected.

The question isn't whether your company should adopt AI – your competitors are already using it to improve customer experiences, automate processes, and reduce costs.

The question is whether you'll adopt AI securely and strategically, or whether you'll spend the next two years building expensive infrastructure while missing the opportunities that matter most to your business growth.

Stop fighting the inevitable. Start securing what actually matters.

About Mandos: Mandos provides fractional CISO and strategic cybersecurity leadership services for growing B2B companies across Europe. Led by Nikoloz Kokhreidze, with 13+ years of experience building security programs at Forbes Cloud 100 FinTech, FMCG multinationals, banking, and global enterprises, Mandos helps companies turn security from a business bottleneck into a competitive advantage.

Ready to discuss your cybersecurity strategy? Book a free 30-minute consultation at http://cal.com/nikolozk/30min.

The crypto industry just lost over $800 million in a single quarter – a quick reminder that even cutting-edge tech isn't immune to basic security fundamentals being overlooked.

In this week's brief:

• Attackers are successfully bypassing MFA using fake Microsoft OAuth apps, compromising thousands of accounts with a concerning 50%+ success rate
• New research reveals that AI-generated code contains vulnerabilities nearly half the time, raising questions about our growing reliance on LLMs for development
• The cybersecurity job market is getting tougher, with even GRC roles now requiring technical skills that weren't expected just a few years ago

As organizations rush to integrate AI into security workflows, are we moving fast enough on securing the AI itself, or are we creating new attack surfaces faster than we can defend them?

Let me know in the comments.

Industry News

Threat Actors Using Fake Microsoft OAuth Apps To Bypass MFA

• Attackers are impersonating legitimate enterprises with fake Microsoft OAuth applications to conduct AiTM (attacker-in-the-middle) phishing campaigns that specifically bypass multi-factor authentication using the Tycoon phishing-as-a-service platform.

• The campaign has targeted over 3,000 user accounts across 900+ Microsoft 365 environments with a success rate exceeding 50%, customizing attacks to specific industries including aerospace and defense companies.

• Microsoft plans to block legacy authentication protocols and require admin consent for third-party app access starting July 2025, which will significantly reduce the effectiveness of this attack technique.

Aim Labs Discovers "CurXecute" RCE Vulnerability in Cursor IDE

• Aim Labs identified a high severity (8.6) vulnerability in Cursor IDE enabling full Remote-Code-Execution through a prompt-injection attack tracked as CVE-2025-54135.

• The exploit occurs when Cursor's MCP server fetches untrusted external data that can silently rewrite ~/.cursor/mcp.json and execute arbitrary commands with user privileges.

• Cursor fixed the issue in version 1.3, but all earlier releases remain vulnerable to this attack vector, which requires no user confirmation and executes before users can reject suggested edits.

Auto-Color Backdoor: Darktrace Thwarts Stealthy Linux Intrusion Via CVE-2025-31324

• Darktrace identified and contained an Auto-Color backdoor malware attack targeting a US chemicals company through exploitation of CVE-2025-31324 in SAP NetWeaver, marking the first observed pairing of this vulnerability with Auto-Color malware.

• The threat actor used multiple stages: initial exploitation to download a ZIP file, followed by DNS tunneling requests to OAST domains, and ultimately deployment of the Auto-Color ELF file which establishes persistence by modifying /etc/ld.so.preload and installing a malicious shared object (libcext.so.2).

• Auto-Color employs sophisticated evasion techniques including a unique suppression mechanism that limits malicious behavior when C2 connection fails, helping it avoid detection in air-gapped or sandboxed environments while maintaining persistence through system library manipulation.

Leadership Insights

Web3 Security: Over $800 Million Lost In Crypto Hacks During Q2 2025

• The crypto industry suffered $801,315,669 in losses across 144 security incidents in Q2 2025, with phishing emerging as the most costly attack vector ($395M stolen across 52 incidents), followed by code vulnerabilities ($235.7M across 47 incidents).

• While Ethereum experienced the highest number of incidents (70), Bitcoin saw the largest financial impact with $373.6M stolen. The total for H1 2025 has already reached $2.47B in losses, surpassing the entire 2024 total of $2.4B.

• Notable incidents include a BTC whale losing $330.7M to social engineering, Cetus Protocol's $225.6M smart contract exploit on Sui blockchain, and Nobitex's $89.1M loss to a hacktivist group that deliberately burned the stolen funds.

Mitratech Study: Third-Party Risk Management Programs Understaffed and Underprepared

• Nearly 70% of TPRM programs are understaffed by about 29%, with organizations only managing 40% of their total vendor base on average – creating significant security blind spots for most companies.

• The involvement of compliance teams in TPRM has surged from 42% in 2023 to 88% in 2025, driven by increasing regulatory pressures, particularly around data privacy and operational resilience.

• While cybersecurity remains the most tracked third-party risk (85%), only 35% of organizations feel prepared for incident response, with 41% still relying on spreadsheets despite growing AI adoption (14% active implementation, 65% exploring).

Social Engineering Remains Top Initial Access Vector in Unit 42 IR Cases

• Social engineering was the top initial access vector in 36% of Unit 42 incident response cases between May 2024-2025, with high-touch attacks on the rise where threat actors like Muddled Libra bypass MFA and exploit IT support processes to escalate privileges in minutes.

• Data exposure resulted from 60% of social engineering attacks, significantly higher than the 44% rate seen in other attack vectors, with financial gain being the primary motivation in 93% of cases.

• Non-phishing social engineering techniques are gaining ground, with SEO poisoning, fake system prompts, and help desk manipulation accounting for 35% of social engineering cases, forcing defenders to strengthen identity resilience and visibility across workflows.

Discover my collection of industry reports, guides and cheat sheets in Cyber Strategy OS

Career Development

CISO Melina Scotto Shares Insights on Cybersecurity Career Paths

• Former Fortune 500 CISO Melina Scotto recommends pursuing certifications through organizations like ISC2 and platforms like Udemy before committing to full degree programs, noting that while formal education remains valuable for leadership roles, certifications may suffice for technical positions.

• Scotto emphasizes gaining practical experience in different systems, networking, and AI before specializing in cybersecurity, as understanding technical details helps security professionals work effectively with operations teams.

• The industry has evolved from viewing cybersecurity teams as "nags" to recognizing them as essential business partners, with organizations now understanding that cyber risk is business risk and well-maintained systems improve both security and operational performance.

Cybersecurity Job Market Shows Significant Challenges for GRC Professionals

• A GRC security professional with 5 years of experience reports applying to 80 jobs over 7 weeks, resulting in only 4 substantive interviews, highlighting the competitive nature of the current cybersecurity job market.

• Many interviews focused on technical skills outside traditional GRC expertise, including coding requirements, SIEM usage, threat hunting, and EDR knowledge – suggesting employers are seeking broader technical competencies even for governance-focused roles.

• Community responses indicate this experience is common, with multiple professionals noting extended unemployment periods and increasing technical requirements for traditionally non-technical security roles, including coding assessments for GRC positions.

Cybersecurity Professionals Question Value Of Certifications Without Experience

• Industry professionals are emphasizing that cybersecurity is not an entry-level field – it typically requires foundational IT experience before specialization, with many hiring managers looking past certifications to practical skills.

• Multiple experienced cybersecurity practitioners report employment challenges despite having advanced certifications (like CISSP, GCIH, GDAT), suggesting that the current job market values demonstrated competence over credentials alone.

• The consensus among commenters is that certifications primarily help candidates pass initial HR filters but rarely compensate for a lack of hands-on experience, with hiring managers increasingly scrutinizing applicants who pursue certifications without building relevant technical backgrounds.

AI & Security

MAS Hijacking Attack Compromises Multi-Agent AI Systems

• Trail of Bits released pajaMAS, a set of demo exploits showing how attackers can manipulate multi-agent systems (MAS) to execute malicious code, even when individual agents have strong prompt injection defenses.

• The attack works by exploiting inter-agent communication, turning agents into confused deputies that launder unsafe data from other agents, with attack vectors including compromised environments, tools, agent memory, and URL anchors.

• Researchers recommend defensive measures including validation of command chains, tool provenance tracking, strict session hygiene, and implementing security at the orchestration layer rather than within individual agents.

OWASP Releases Comprehensive GenAI Incident Response Guide

• The OWASP GenAI Security Project has published a new guide to help security teams respond to incidents involving generative AI applications, addressing the unique challenges posed by their probabilistic nature and semantic vulnerabilities.

• The guide provides practical frameworks for risk assessment, asset classification, detection techniques, and response protocols specific to AI systems, with dedicated sections for attacks on AI systems, supply chains, and third-party model providers.

• According to 2025 McKinsey data cited in the guide, fewer than 50% of organizations are actively mitigating security risks associated with GenAI, highlighting a significant gap in organizational preparedness for AI-related threats.

GenAI LLMs Generate Insecure Code 45% Of The Time, Study Finds

• Only 55% of code generated by AI models is secure, with the remaining 45% containing known vulnerabilities like SQL injection, XSS, log injection, and insecure cryptographic algorithms.

• Security performance remains consistent regardless of model size and has shown minimal improvement over time, even as LLMs get better at generating functionally correct code.

• Test results varied significantly across different vulnerability types (CWEs) and programming languages (Java, JavaScript, C#, and Python), but remained surprisingly consistent across different AI models.

Market Updates

Palo Alto Networks to Acquire CyberArk in $25 Billion Deal

• Palo Alto Networks will acquire CyberArk for approximately $25 billion, marking its formal entry into identity security as a core pillar of its multi-platform strategy.

• The strategic combination aims to disrupt the legacy IAM market by extending robust, security-first privileged access management principles to all identity types – human, machine, and autonomous AI agents.

• Integration will create a unified security platform that addresses critical credential protection challenges while securing Agentic AI, ensuring AI agents receive just-in-time access with least privilege principles.

Comp AI Secures $2.6M Pre-Seed To Disrupt SOC 2 Compliance Market

• San Francisco-based startup Comp AI has raised $2.6M in pre-seed funding to transform how companies achieve compliance with frameworks like SOC 2, HIPAA, and ISO 27001 through AI-powered automation.

• The company claims its AI-powered approach can automate up to 90% of the compliance process, helping early customers save over 2,500 hours on manual compliance work with its solution positioned as a developer-friendly alternative to traditional platforms.

• Funding will support the expansion of their open-source platform enabling security professionals to contribute control templates, and launch their AI Agent Studio for automated evidence collection and risk assessments.

Echo Raises $15M for Vulnerability-Free Container Images

• Echo secured $15M in seed funding led by Notable Capital and Hyperwise Ventures to develop container base images built from the ground up to be free of known vulnerabilities.

• Founded by former Argon Security creators, Echo allows customers to simply replace the base image in their Dockerfile with a CVE-free version without switching to non-standard operating software.

• The company has reduced vulnerability remediation timelines from an industry average of 120 days to just 24 hours, with changes reflected in customers' existing scanners and CNAPPs.

Tools

Tracebit

A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.

xocopy

Copy executables with execute, but no read permission on Unix systems.

OWASP Bricks

Deliberately vulnerable web application for security professionals to practice attack techniques.

If you found this newsletter useful, I'd really appreciate if you could forward it to your community and share your feedback below!

For more frequent cybersecurity, leadership and AI updates, follow me on LinkedIn, BlueSky and Mastodon.

Best, 
Nikoloz

A new study shows 70% of third-party risk management programs are understaffed by nearly 30%. It's almost like we're setting ourselves up for failure. We know human factors matter, but we're not investing in the human resources to actually manage those risks properly.

In this week's brief:

• SharePoint servers are under active attack through a zero-day vulnerability chain with no patch available yet
• TPRM programs are significantly understaffed just as regulatory pressures are intensifying
• AI security incidents are hitting 97% of organizations, and it turns out it's really all about API security

The thread connecting these stories? We're dealing with complex, interconnected risks that require both technical solutions and adequate staffing to manage effectively.

Here's my question for you this week: If you had to choose between hiring one more security analyst or one more vendor risk specialist, which would have bigger impact on your organization's security posture right now?

Industry News

Microsoft SharePoint Servers Under Attack Through Zero-Day Vulnerability Chain

• Eye Security detected active exploitation of a new SharePoint RCE vulnerability chain dubbed "ToolShell" (CVE-2025-53770), allowing attackers to compromise systems without authentication by exploiting vulnerabilities in the ToolPane.aspx component.

• Attackers deploy a malicious ASPX file that extracts MachineKey configurations, enabling them to generate valid ViewState payloads for complete remote code execution using tools like ysoserial.

• Microsoft has acknowledged the vulnerability but has not released a patch; organizations should isolate affected servers, scan for the malicious spinstall0.aspx file, and rotate all credentials that may have been exposed.

Hacker Plants Computer 'Wiping' Commands in Amazon's AI Coding Agent

• A hacker compromised Amazon's AI coding assistant 'Q' by adding code that instructed the software to "clean a system to a near-factory state and delete file-system and cloud resources," which Amazon then released to users.

• The attacker claimed they gained access by simply submitting a pull request to the tool's GitHub repository, highlighting significant security gaps in Amazon's code review and release process.

• While the wiping commands likely wouldn't have worked properly, the hacker stated they could have caused much more damage with their access and wanted to expose what they called Amazon's AI "security theater."

Nigerian Cybercrime Ring SilverTerrier Targets Aviation Executives With BEC Scams

• A long-running Nigerian cybercrime ring known as SilverTerrier is actively targeting transportation and aviation companies with sophisticated business email compromise (BEC) attacks, resulting in at least one customer suffering a six-figure financial loss.

• After compromising an executive's Microsoft 365 credentials, attackers quickly established look-alike domains and sent modified invoice demands to customers, revealing an extensive infrastructure with hundreds of phishing domains registered since 2012.

• BEC scams generated nearly $2.8 billion in losses last year, making them the second most costly form of cybercrime reported to the FBI, with victims having 72 hours to use the Financial Fraud Kill Chain to potentially recover stolen funds.

Leadership Insights

CyberCube Analysis Identifies 2% of Large Firms at Highest Scattered Spider Ransomware Risk

(https://insights.cybcube.com/en/firms-highest-scattered-spider-risk?ref=cybersecstats.com)

• Scattered Spider has resurfaced with renewed intensity, conducting 11 major attacks between April-July 2025 across retail, insurance, and airline industries, causing significant financial damage (up to $592 million to UK retailers alone).

• The threat actor exhibits a pattern of targeting multiple companies within one sector before moving to another, utilizing sophisticated social-engineering tactics to bypass authentication systems and infiltrate high-value corporate networks.

• CyberCube's Portfolio Threat Actor Intelligence (PTI) solution has identified Manufacturing, Education, IT, and Retail sectors as having the highest concentrations of potential targets for Scattered Spider attacks.

Thales Cloud Security Study Highlights Growing Complexity and Attack Surface

• Cloud security remains the top security spending priority for organizations, with 64% identifying it as a pressing discipline, yet 55% report that securing cloud environments is more complex than on-premises infrastructure – up 4% from last year.

• Four of the top five reported attack targets are cloud-based, with 68% of respondents citing credential and stolen secrets attacks as the fastest-growing cloud infrastructure attack vectors, while only 65% have implemented multifactor authentication.

• Organizations are placing more sensitive data in the cloud (54% of cloud data is now sensitive, up from 47% last year), but encryption practices remain inadequate, with tool sprawl complicating management as 57% use five or more key management systems.

Mitratech Study: Third-Party Risk Management Programs Understaffed and Underprepared

• Nearly 70% of TPRM programs are understaffed by about 29%, with organizations only managing 40% of their total vendor base on average – creating significant security blind spots for most companies.

• The involvement of compliance teams in TPRM has surged from 42% in 2023 to 88% in 2025, driven by increasing regulatory pressures, particularly around data privacy and operational resilience.

• While cybersecurity remains the most tracked third-party risk (85%), only 35% of organizations feel prepared for incident response, with 41% still relying on spreadsheets despite growing AI adoption (14% active implementation, 65% exploring).

Discover my collection of industry reports, guides and cheat sheets in Cyber Strategy OS

Career Development

Books Influencing Modern Cybersecurity Leadership Styles

• Top cybersecurity executives recommend books across multiple domains including risk measurement ("How to Measure Anything in Cybersecurity Risk"), decision-making psychology ("Thinking, Fast and Slow"), and social engineering ("The Art of Deception") to help security professionals improve technical and leadership capabilities.

• Many CISOs emphasize books on human factors in security, with recommendations focusing on understanding vulnerabilities in human behavior rather than just technical systems – highlighting works that explore deception techniques, ethical hacking perspectives, and the psychology behind security breaches.

• Leadership-focused recommendations extend beyond traditional management topics to include works on empathy and communication ("Dare to Lead," "Radical Candor"), with several security executives also valuing books that encourage work-life balance and personal fulfillment as crucial for sustainable security careers.

Cybersecurity Director Shares Salary Range and Work-Life Balance Details

• A director of a small incident response team (~10 people) reports earning between $145,000-$185,000 with variations based on sector, experience, location, and certifications, noting it took 25 years to reach this position.

• Entry-level Cybersecurity Analyst positions at their company start at $75K-$80K with a bachelor's degree, $85K-$90K with a master's, and typically reach $100K by year 4, with requirements including background checks and drug testing.

• The role offers exceptional training opportunities and flexibility for side projects, with work-life balance described as better than most cybersecurity positions except during major incidents when long hours are required.

Soft Skills Identified As Most Underrated Cybersecurity Asset In Reddit Discussion

• Learning to talk to people and demonstrating empathy were highlighted as critical skills in cybersecurity, with one commenter noting "People are not computers" and these soft skills being harder to learn than technical capabilities.

• Multiple cybersecurity professionals shared experiences where communication abilities proved more valuable than technical expertise, including one person who secured a junior position primarily based on soft skills rather than technical knowledge.

• Several commenters emphasized that effective stakeholder management is essential for implementing security measures, with one noting "you have to bring your whole org with you otherwise nothing will get done."

AI & Security

AI Security Is API Security: Key Issues Affecting Enterprise Protection

• 97% of organizations report security incidents related to generative AI, with approximately 90% of AI usage classified as "shadow AI" operating outside IT oversight.

• API vulnerabilities remain the primary attack vector for AI systems, with authorization flaws, authentication weaknesses, and parameter manipulation being the most common exploit paths.

• Effective AI security requires comprehensive discovery of all AI assets (including third-party integrations) and adoption of emerging frameworks like OWASP LLM Top 10 and ISO 42001.

2025 State of AI Report Highlights Key Trends in AI Product Development and Security

• The report reveals that hallucinations and explainability/trust are the top challenges when deploying AI models, with 39% and 38% of respondents citing these issues respectively, followed by proving ROI (34%).

• AI-native companies are progressing faster through development cycles than AI-enabled peers, with 47% of AI-native products already at scaling stage compared to just 13% of AI-enabled products.

• While 80% of companies rely on third-party AI APIs, high-growth organizations are increasingly developing proprietary models and implementing advanced security monitoring – 75% of scaled AI products now feature advanced performance monitoring with drift detection.

AI Agent Developer Identifies Three Critical Flaws in Current Agent Technology

• Despite building multiple successful production AI agent systems, the author highlights three fundamental limitations: error rates compound exponentially in multi-step workflows (95% reliability per step = 36% success over 20 steps), making autonomous complex workflows mathematically impossible at scale.

• Token economics create a significant barrier as context windows cause quadratic cost scaling – successful production agents are typically stateless, focused tools rather than the conversational agents being promoted.

• The challenge isn't in AI capabilities but in tool engineering – approximately 70% of effective agent systems require carefully designed feedback interfaces, context management, and handling partial failures in ways AI can understand.

Market Updates

Cybersecurity Startup Maro Secures $4.3M Seed Funding to Address Human Risk

• Maro's platform provides real-time behavioral interventions to address threats linked to human error, insider risk, and misuse of AI tools.

• Founded by cybersecurity veterans from multiple successful startups, Maro developed its solution with input from security leaders in FinTech, healthcare, and retail industries.

• The funding from Downing Capital Group will support team expansion, product development, and go-to-market efforts as Maro addresses challenges created by generative AI, remote work, and shadow SaaS.

22 Cybersecurity Startups To Watch, According To VCs

• VCs have identified 22 promising cybersecurity startups addressing challenges from vulnerabilities in software code to identity-based attacks, as cyber crime costs are projected to reach $10.5tn worldwide in 2025.

• Several standout companies focus on AI-powered solutions, including Galink (third-party risk), HelmGuard (security data aggregation), Lakera (protecting against prompt injection), and Harmonic Security (safeguarding sensitive data in generative AI).

• Key trends represented by these startups include identity protection, software supply chain security, and privacy-preserving data collaboration – with specialized solutions for industrial infrastructure and cloud environments.

GRC Firm Vanta Raises $150 Million at $4.15 Billion Valuation

• California-based Vanta has secured $150 million in Series D funding led by Wellington Management, bringing their total raised since 2021 to $504 million and increasing their valuation to $4.15 billion.

• Vanta's trust platform simplifies and centralizes compliance for organizations by integrating with hundreds of third-party tools for cloud infrastructure, version control, productivity, and identity services.

• The company announced new AI agents to help with security questionnaires and workflow automation, and plans to expand into third-party risk and government compliance with the new funding.

Tools

ThreatDown EDR

Powerfully simple endpoint security solution that takes down threats without interrupting business.

ocaml-yara

OCaml wrapper for YARA matching engine for malware identification

CloudMatos

An AI-powered Cloud Native Application Protection Platform (CNAPP) that provides unified cloud security with attack surface management for small and medium businesses.

If you found this newsletter useful, I'd really appreciate if you could forward it to your community and share your feedback below!

For more frequent cybersecurity, leadership and AI updates, follow me on LinkedIn, BlueSky and Mastodon.

Best, 
Nikoloz

This week's State of AI report really caught my attention. The fact that 97% of organizations are experiencing security incidents related to generative AI tells us we're still in the early stages of figuring this out. What's particularly striking is that 90% of AI usage is happening in the shadows, outside IT oversight. It's giving me flashbacks to the early days of cloud adoption.

In this week's brief:

• A critical NVIDIA Container Toolkit vulnerability that lets attackers escape containers with just three lines of code
• Why CISOs are burning out at record rates and how the "Don't Fire Me" chart explains the turnover pattern
• How hackers are hiding malware inside DNS records to bypass traditional security controls

Industry News

Hackers Hide Malware Inside DNS Records To Bypass Security Controls

• Threat actors are embedding malicious code within DNS TXT records, converting binaries into hexadecimal format and splitting them across multiple subdomains, effectively bypassing traditional security monitoring systems.

• This technique exploits a security blind spot as DNS traffic is often less scrutinized than web or email traffic, with the challenge amplified by encrypted DNS protocols like DOH (DNS over HTTPS) and DOT (DNS over TLS).

• DomainTools researchers discovered this method being used to distribute Joke Screenmate malware and also found DNS records containing text designed for prompt-injection attacks against AI chatbots.

Critical Container Escape Vulnerability Found in NVIDIA Container Toolkit

• Wiz Research discovered a critical vulnerability (CVE-2025-23266) in NVIDIA Container Toolkit with a CVSS score of 9.0, allowing attackers to escape container isolation with just a three-line Dockerfile and gain full root access to host machines.

• The vulnerability affects all NVIDIA Container Toolkit versions up to v1.17.7 and GPU Operator versions up to 25.3.1, posing significant risks to AI cloud services where multiple customers share GPU infrastructure.

• Organizations should immediately upgrade to the latest version or implement NVIDIA's provided mitigations, as this vulnerability does not require internet exposure but can be exploited through container images from untrusted sources.

Malware-as-a-Service Operation Exploits GitHub To Distribute Payloads

• Cisco Talos researchers discovered a MaaS operation using public GitHub accounts to distribute malicious software, providing attackers with a reliable platform that's typically whitelisted in enterprise networks with software development teams.

• The campaign, active since February 2025, deployed the Emmenhtal (PeakLight) loader to deliver Amadey malware, which collects system information and downloads customized secondary payloads based on infected device characteristics.

• GitHub removed the three malicious accounts after notification, but the campaign demonstrates how threat actors can bypass web filtering in environments where GitHub access is required for legitimate development purposes.

Leadership Insights

2025 State of AI Report Highlights Key Trends in AI Product Development and Security

• The report reveals that hallucinations and explainability/trust are the top challenges when deploying AI models, with 39% and 38% of respondents citing these issues respectively, followed by proving ROI (34%).

• AI-native companies are progressing faster through development cycles than AI-enabled peers, with 47% of AI-native products already at scaling stage compared to just 13% of AI-enabled products.

• While 80% of companies rely on third-party AI APIs, high-growth organizations are increasingly developing proprietary models and implementing advanced security monitoring – 75% of scaled AI products now feature advanced performance monitoring with drift detection.

CyberCube Analysis Identifies 2% of Large Firms at Highest Scattered Spider Ransomware Risk

(https://insights.cybcube.com/en/firms-highest-scattered-spider-risk?ref=cybersecstats.com)

• Scattered Spider has resurfaced with renewed intensity, conducting 11 major attacks between April-July 2025 across retail, insurance, and airline industries, causing significant financial damage (up to $592 million to UK retailers alone).

• The threat actor exhibits a pattern of targeting multiple companies within one sector before moving to another, utilizing sophisticated social-engineering tactics to bypass authentication systems and infiltrate high-value corporate networks.

• CyberCube's Portfolio Threat Actor Intelligence (PTI) solution has identified Manufacturing, Education, IT, and Retail sectors as having the highest concentrations of potential targets for Scattered Spider attacks.

AI Security Is API Security: Key Issues Affecting Enterprise Protection

• 97% of organizations report security incidents related to generative AI, with approximately 90% of AI usage classified as "shadow AI" operating outside IT oversight.

• API vulnerabilities remain the primary attack vector for AI systems, with authorization flaws, authentication weaknesses, and parameter manipulation being the most common exploit paths.

• Effective AI security requires comprehensive discovery of all AI assets (including third-party integrations) and adoption of emerging frameworks like OWASP LLM Top 10 and ISO 42001.

Discover my collection of industry reports, guides and cheat sheets in Cyber Strategy OS

Career Development

The "Don't Fire Me" Chart Explains CISO Turnover Pattern

• Security improvement cycles often appear worse before getting better - as CISOs implement better monitoring and risk assessment tools, they uncover previously hidden issues, creating a false impression of deteriorating security posture.

• High CISO turnover occurs when leadership misinterprets the discovery of additional security issues as program failure rather than recognizing it as a necessary phase in the improvement cycle.

• Long-term leadership commitment is essential - organizations that support security leaders through the entire improvement cycle ultimately achieve sustainable risk reduction, unlike those that repeatedly restart the process with new hires.

CISOs Face Increasing Burnout And Personal Liability As Regulatory Demands Grow

• CISOs are experiencing unprecedented levels of burnout with 91% reporting moderate to high stress, as they face increased responsibilities without proportional authority, creating what one expert calls an "unsustainable" imbalance.

• Many security leaders are structurally underpowered within organizations, often reporting to CTOs or CFOs rather than having direct board access, while simultaneously facing growing personal accountability and legal liability for security incidents.

• A new Professional Association of CISOs (PAC) is forming to establish standardized accreditation, advocate for legal protections, and create support networks to help address the growing challenges of the role.

Cybersecurity Professionals Share Day-To-Day Responsibilities On Reddit Thread

• SOC Analysts describe their daily routines of triaging alerts, investigating potential threats, and using various security tools to determine if incidents require escalation.

• Information Security professionals highlight responsibilities including vulnerability management, CIS hardening, phishing email analysis, and serving as escalation points for MSSP alerts.

• Senior roles such as executives and department heads report spending significant time in meetings, managing organizational governance, and handling administrative tasks like budgeting and vendor management.

AI & Security

Amazon Launches Bedrock AgentCore for Enterprise-Grade AI Agent Deployment

• AWS has introduced Amazon Bedrock AgentCore in preview, a comprehensive suite of services that helps developers securely deploy and operate AI agents at scale using any framework and model, eliminating the need to build foundational infrastructure.

• The suite includes seven key components: AgentCore Runtime (for isolated serverless environments), Memory (for context management), Observability (for visualization and debugging), Identity (for secure access to services), Gateway (for API transformation), Browser (for web automation), and Code Interpreter (for running generated code).

• AgentCore works with open source or custom AI agent frameworks, supports AWS Marketplace integration, and is available in preview in four regions with free usage until September 2025 when pricing will begin.

Researchers Call For Expanded AI Red Teaming Beyond Model-Level Testing

• Current AI red teaming practices focus too narrowly on finding individual model vulnerabilities, overlooking broader sociotechnical systems and emergent behaviors that arise from interactions between models, users, and environments.

• Authors propose a comprehensive framework with both macro-level (system) red teaming spanning the entire AI development lifecycle and micro-level (model) red teaming, drawing on cybersecurity experience and systems theory.

• Effective AI red teaming requires multifunctional teams examining risks across seven lifecycle stages: inception, design, data, development, deployment, maintenance, and retirement.

Cloud Security Alliance Introduces First Vendor-Agnostic AI Controls Matrix

• The AI Controls Matrix (AICM) is designed to help organizations develop and implement AI technologies securely, featuring 243 control objectives across 18 security domains and built on the foundation of the Cloud Control Matrix.

• Set for release on July 10, 2025, the AICM bundle includes a control matrix, assessment questionnaire, and mappings to major standards including BSI AIC4, NIST AI 600-1, with ISO 42001 and EU AI Act mappings coming soon.

• The framework takes an open, expert-driven, consensus-based approach to help organizations assess AI-specific risks, build trustworthy AI systems, and align with international standards in a measurable way.

Market Updates

Zero Networks Secures USD 20 Million Series B Funding For Network Segmentation Solution

• Zero Networks has raised $20M in Series B funding led by US Venture Partners (USVP), following a five-fold revenue increase, bringing total funding to $45M for their lateral movement prevention solution.

• The company's SaaS platform automatically creates granular security policies that restrict user and machine access, requiring multi-factor authentication for accessing sensitive protocols commonly exploited by attackers.

• Founded in 2019, Zero Networks serves diverse customers including global banks, US retailers, manufacturing corporations, and healthcare organizations across the US, Europe, and the Middle East.

Empirical Security Raises $12M Seed Round for AI-Powered Enterprise Cybersecurity

• Empirical Security's platform uses a dual-model AI architecture that builds both global and local cybersecurity models tailored to each enterprise's specific infrastructure and risk profile.

• The funding round was led by Costanoa Ventures with participation from DNX Ventures, Sixty Degree Capital, HPA, and strategic investors including former security leaders from Google and Qualys.

• Founded by the team behind Kenna Security, Empirical aims to transform prioritization by analyzing millions of daily exploitation events and adapting that intelligence to each client's unique threat environment.

Cybersecurity Funding Reaches Three-Year High in First Half of 2025

• Investors poured $9.4 billion into cybersecurity and privacy startups in H1 2025, with Q2 funding surging to $4.9 billion, marking the highest level in three years.

• AI-powered security platforms dominated large funding rounds, with Cyera securing the largest Q2 investment of $540 million at a $6 billion valuation, while 11 companies received rounds of $100 million or more.

• Despite strong investment activity, exits remained muted in Q2 with no cybersecurity IPOs and only a few notable acquisitions of well-funded startups like Red Canary, TrueWork, and Protect AI.

Tools

BitLyft AIR Platform

BitLyft AIR Platform is a managed detection and response solution that combines AI-driven security monitoring with human expertise to provide comprehensive threat detection and incident response services.

Cloudflare Access

Cloudflare Access is a zero trust network access solution that secures applications and resources by implementing identity-based authentication and authorization without traditional VPN infrastructure.

Netenrich Resolution Intelligence

A security analytics platform that integrates with Google Chronicle to deliver Autonomic Security Operations through data engineering, detection engineering, and response engineering.

If you found this newsletter useful, I'd really appreciate if you could forward it to your community and share your feedback below!

For more frequent cybersecurity, leadership and AI updates, follow me on LinkedIn, BlueSky and Mastodon.

Best, 
Nikoloz

I've been thinking a lot about how we measure success in cybersecurity, especially after seeing this week's research showing that customers now value security and trustworthiness over product quality and value. It's a fundamental shift that validates what we've been saying for years - security isn't just a cost center, it's a competitive advantage.

In this week's brief:

• McDonald's hiring platform exposed 64 million job applications using default credentials "123456" - a reminder that basic security hygiene still matters more than sophisticated threats
• AI automation is eliminating entry-level cybersecurity roles, creating a skills gap problem we need to address now
• New research confirms customers prioritize security and trust over product features when choosing services

The stories this week really highlight the tension between advancing technology and fundamental security practices. We're seeing AI create new attack vectors while simultaneously threatening the pipeline of junior talent we need to defend against them.

What's your take - are we moving too fast with AI adoption without properly securing the foundations, or is this just the natural evolution of our field?

Industry News

SLOW#TEMPEST Malware Uses Advanced Obfuscation Techniques to Evade Detection

• Unit 42 researchers discovered a SLOW#TEMPEST campaign variant using sophisticated obfuscation techniques including control flow graph manipulation and dynamic jumps to complicate analysis and evade detection.

• The malware is distributed via ISO files and employs DLL sideloading through legitimate applications, with the payload strategically separated across multiple files requiring both to be present for execution.

• An anti-sandbox check prevents execution on systems with less than 6 GB of RAM, allowing the malware to bypass automated analysis environments while targeting actual production systems.

McDonald's Hiring Platform Exposed 64 Million Job Applications Through IDOR Vulnerability

• Security researchers discovered McHire (used by 90% of McDonald's franchisees) allowed access with default credentials "123456:123456" and contained an IDOR vulnerability in the candidate information API, potentially exposing personal data of over 64 million job applicants.

• The vulnerability leaked applicants' personally identifiable information including names, email addresses, phone numbers, addresses, work preferences, and even authentication tokens that could allow unauthorized access to their chat messages.

• After disclosure on June 30th, 2025, Paradox.ai (the platform developer) quickly remediated the issues within 24 hours, with credentials disabled within 2 hours and full confirmation of resolution the following day.

Louis Vuitton UK Customer Data Compromised in Cyber-Attack

• Unauthorized third parties accessed Louis Vuitton's UK systems on July 2, stealing customer data including names, contact details, and purchase history, though financial data like bank details was not compromised.

• This is the third breach affecting LVMH brands in three months – Louis Vuitton's Korean operation experienced a similar attack last week, and Christian Dior Couture reported customer data access in May.

• The company has notified relevant authorities including the Information Commissioner's Office and warned customers about potential phishing attempts or fraud using the stolen information.

Leadership Insights

Customer Identity Trends Report 2025: Security and Trust Trump Quality and Value

• When deciding to create an account with a service provider, 74% of users consider company trustworthiness and 72% consider security measures as important factors—outranking the quality and value of products or services.

• Fraud is top of mind for customers with 64% expressing concern about identity fraud, while signup friction is costly—23% of users report always or often abandoning purchases due to signup/login issues, with younger generations and tech enthusiasts being least tolerant.

• The threat landscape is severe—46.1% of registration attempts and 16.9% of login attempts exhibit malicious behavior, with retail/ecommerce experiencing 22.2% malicious login activity and brute-force attacks exceeding legitimate signups by 120 times.

DragonForce Attacks Rival Ransomware Groups, Including RansomHub

• DragonForce, a minor ransomware operator, launched a defacement campaign targeting several competitors in March 2025, taking down the dark web sites of BlackLock, Mamona, and RansomHub - previously the top ransomware-as-a-service provider.

• Despite an overall 15% increase in ransomware attacks and a 43% growth in the number of active gangs in 2024, total ransom payments dropped by 35% according to Chainalysis, suggesting diminished victim confidence in the reliability of these criminal groups.

• RansomHub remained inactive after the DragonForce attack, which included false claims that RansomHub had voluntarily joined DragonForce's cartel, leading to a heated public exchange on the RAMP forum.

2025 Identity Theft Resource Center Report Shows Shifting Trends in Identity Crimes

• The ITRC report reveals a significant shift in identity crime patterns: fewer victims are reporting compromise of personal information (35%) than actual misuse (52%), reversing previous trends where more victims reported information exposure than actual fraud.

• Three key trends identified: AI technology is making it easier for criminals to coerce victims into revealing credentials, identity thieves are increasingly accessing various existing accounts through sophisticated techniques, and individuals are becoming more proactive about protecting their identities.

• Most common attack vectors include impersonation scams (34% of reported scams), account takeover (53% of misuse cases), and new account fraud (36% of misuse cases), with financial accounts like credit cards and checking accounts being primary targets.

Discover my collection of industry reports, guides and cheat sheets in Cyber Strategy OS

Career Development

Reddit Thread Prompts Cybersecurity Professionals to Share Career-Defining Moments

• The r/cybersecurity community thread asks professionals to share their "EUREKA moments" – those pivotal realizations or experiences that shaped their understanding of the field.

• With 1.2 million members, this discussion falls under the "Career Questions & Discussion" category, highlighting the importance of knowledge sharing and mentorship in cybersecurity professional development.

• The thread presents an opportunity for cybersecurity experts to reflect on transformative learning experiences that could benefit newcomers navigating their career paths in the industry.

Reddit Cybersecurity Community Discusses Most Valuable Professional Tools

• A Reddit user in r/cybersecurity initiated a discussion thread asking professionals about the most helpful tools they use in their current positions, reaching the community of 1.2M members.

• The post was tagged under "Business Security Questions & Discussion," indicating its focus on professional applications rather than academic or theoretical cybersecurity topics.

• This thread represents an opportunity for security practitioners to share tool recommendations and best practices across different job roles and specializations within the cybersecurity field.

AI Automation Threatens Entry-Level Cybersecurity Roles

• As AI increasingly automates low-level detection and triage tasks, junior analysts are losing critical hands-on experience needed to develop core competencies for advanced positions.

• Industry experts recommend simulation-based training programs and apprenticeships as stopgaps to provide early-career professionals with necessary experience that automation has eliminated.

• Cybersecurity remains a "deeply sociotechnical problem" requiring human creativity and judgment, with the best security teams using AI "as an amplifier, not a replacement" for human expertise.

AI & Security

Researchers Introduce "Security Steerability" as New Measure for LLM Security

• Intuit AI security researchers developed "Security Steerability" - a novel metric that measures an LLM's ability to adhere to application-specific guardrails defined in system prompts, even when users attempt to circumvent them through jailbreaks or text perturbations.

• Their research revealed minimal correlation between conventional LLM security measures (resistance to generating prohibited content) and security steerability, indicating current security evaluation approaches fail to address application-level threats.

• Two new evaluation datasets were introduced - VeganRibs and ReverseText - to test 14 open-source LLMs, with findings showing that models with high scores in universal security often performed poorly in enforcing application-specific boundaries.

Researchers Identify Over 30 Attack Techniques Against LLM-Powered AI Agent Workflows

• The paper introduces the first unified threat model for LLM-agent ecosystems, categorizing attacks into four domains: Input Manipulation, Model Compromise, System and Privacy Attacks, and Protocol Vulnerabilities.

• Researchers document alarming success rates across attack types - adaptive prompt injections bypass defenses in over 50% of cases, composite backdoor attacks achieve 100% success rates, and protocol-level exploits can leak private repository data through seemingly benign GitHub issues.

• The study identifies key open challenges including securing Model Context Protocol (MCP) deployments, designing hardened Agentic Web Interfaces, and achieving resilience in multi-agent and federated environments.

LLMs Generate Vulnerable Code But Self-Correction Mechanisms Show Promise

• All tested LLMs frequently generate vulnerable code, with vulnerability rates ranging from 9.8% to 42.1% across different models and datasets, sharing similar distributions of top vulnerability types despite differences in model architectures.

• Self-generated vulnerability hints can effectively reduce vulnerabilities (by up to 13.9% in some cases), but this depends on hints being relevant, precise, and contextualized to the specific coding scenario – otherwise, they may actually increase vulnerability rates.

• Post-hoc vulnerability repair using feedback from static analysis tools works well for advanced models like GPT-4o and DeepSeek-Coder-V2, with explained feedback providing 7-28% greater reduction in vulnerabilities compared to direct feedback alone.

Market Updates

Cyberstarts Launches $300M Liquidity Fund to Help Startups Retain Top Talent

• Early-stage cybersecurity venture firm Cyberstarts announced a $300 million Employee Liquidity Fund that allows startup employees to sell vested shares without leaving their companies.

• The fund addresses the challenge of extended IPO timelines by providing a path to liquidity that helps align incentives and sustain long-term employee commitment at portfolio companies like Wiz, Fireblocks, Island, and Cyera.

• This initiative brings Cyberstarts' total capital commitments to over $1 billion across six funds, with implementation handled by each company's HR team based on their specific talent needs.

AirMDR Secures $15.5 Million Funding for AI-Powered MDR Solution

• AirMDR, an AI-native MDR startup founded in 2023, has raised $15.5 million in combined seed and infusion funding led by Race Capital with support from Foundation Capital and Storm Ventures.

• The company's solution features an AI analyst that autonomously triages security alerts in real-time, while human experts provide verification of findings, creating a hybrid defense model suitable for both enterprises and SMBs.

• Funds will be used to accelerate R&D efforts, enhance AI analyst capabilities, and scale the company's sales and marketing team as they pursue their mission of bringing "Fortune 500 quality SOC to every enterprise at an affordable price."

Virtru Secures $50 Million Series D Funding, Doubles Valuation To $500 Million

• Data security company Virtru has raised $50 million in Series D funding led by Iconiq, with participation from Bessemer Venture Partners, Foundry, and The Chertoff Group, doubling its previous valuation to $500 million.

• Founded in 2012 by brothers John and Will Ackerly, who previously worked in the Bush Administration and NSA respectively, Virtru leverages Trusted Data Format (TDF) to provide data protection for 6,700 customers including Equifax, Capital One, JPMorganChase, and the U.S. Department of Defense.

• The company plans to expand its platform to become a data security leader in an AI-driven landscape, focusing on its mission of "securing all data everywhere" by tagging and managing data wherever it goes.

Tools

InSights by Inquest

InSights by InQuest is a threat intelligence platform that delivers curated feeds of IOCs and C2 information to help security teams detect and respond to emerging threats.

CTIChef.com Detection Feeds

A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.

PlexTrac

PlexTrac is a centralized platform for penetration test reporting and threat exposure management that helps security teams streamline assessment workflows, prioritize remediation, and track security posture improvements.

If you found this newsletter useful, I'd really appreciate if you could forward it to your community and share your feedback below!

For more frequent cybersecurity, leadership and AI updates, follow me on LinkedIn, BlueSky and Mastodon.

Best, 
Nikoloz

I've been thinking about how we keep talking about "insider threats" but completely miss the new players in our networks. With 84% of attacks now using legitimate system tools against us, it's clear attackers have figured out something we're still catching up to - they don't need to break in when they can just blend in.

In this week's brief:

• A 12-year-old Sudo vulnerability that's been hiding in plain sight finally surfaces
• AI agents are becoming the insider threats we never saw coming
• Why executives bypassing security controls might be your biggest career lesson yet

Industry News

CVE-2025-32462: Sudo Host Option Privilege Escalation Vulnerability Found After 12 Years

• Stratascale's Cyber Research Unit discovered a privilege escalation vulnerability in Sudo's host option that allows attackers to bypass hostname restrictions and gain root access by referencing unrelated remote host rules.

• The vulnerability affects Sudo versions 1.8.8 to 1.9.17 and has been present since 2013, impacting enterprises using Host_Alias directives in their sudoers configurations.

• Immediate remediation requires upgrading to Sudo 1.9.17p1 or later, as no workarounds exist for this vulnerability that has been verified on Ubuntu 24.04.1 and macOS Sequoia 15.3.2.

Ahold Delhaize Hit With Data Breach Affecting 2.2M Employees, INC Ransomware Claims Responsibility

• A data breach at Ahold Delhaize USA Services impacted over 2.2 million individuals with stolen data including SSNs, driver's license numbers, financial accounts, and health information from current and former employees.

• The unauthorized access occurred November 5-6, 2024, but wasn't publicly attributed until April 2025 when the INC ransomware group claimed responsibility on their dark web leak site, posting sample data and threatening full release.

• This represents the largest data breach in the food and beverage sector since tracking began in 2018, with the company offering affected individuals two years of complimentary monitoring and identity protection services.

Azure Arc Vulnerabilities Enable Hybrid Network Privilege Escalation

• Azure Arc extends Azure management to on-premises systems, allowing attackers to potentially exploit misconfigured Service Principals with the Azure Connected Machine Resource Administrator role to execute code remotely as SYSTEM.

• Hardcoded secrets in deployment scripts, especially when using Group Policy or SCCM deployment methods, provide attackers with credential material that can be leveraged to gain control of both cloud and on-premises infrastructure.

• Multiple code execution vectors exist within Azure Arc, including Run Commands and Custom Script Extensions (CSE), which can be used for persistence and lateral movement between hybrid environments.

Leadership Insights

DDoS Attacks Against Financial Sector Evolve From Nuisance To Strategic Threat

• The financial sector remains the top target for DDoS attacks, with a significant spike in October 2024 and a 23% increase in application-layer attacks between 2023-2024, particularly targeting APIs (58% increase).

• Today's DDoS attacks are increasingly sophisticated, with threat actors employing methodical reconnaissance, multi-vector strategies, and dynamic tactics designed to bypass automated defenses, sometimes causing service outages lasting days.

• Notable threat actors include BlackMeta, NoName057(16), RipperSec, and GorillaBot, with attacks often coinciding with geopolitical events, demonstrating the strategic nature of modern DDoS campaigns.

Bitdefender Report Reveals 84% of Cyberattacks Use Living Off the Land Techniques

• Bitdefender's 2025 Cybersecurity Assessment Report analyzed 700,000 cyber incidents, finding that 84% of major attacks now leverage Living Off the Land (LOTL) techniques where attackers use legitimate system tools like PowerShell and WMI to evade detection.

• 68% of security leaders agree that reducing the attack surface by disabling unnecessary tools and applications is critical, as the modern risk environment is increasingly built from within rather than external perimeters.

• Significant perception gaps exist between organizational levels, with 45% of C-level executives reporting high confidence in cyber readiness compared to only 19% of mid-level managers, potentially leading to misaligned priorities and investments.

Sophos State of Ransomware 2025: Data Encryption Reaches Six-Year Low as Recovery Costs Decline

• Data encryption in ransomware attacks dropped significantly from 70% in 2024 to 50% in 2025, while the average recovery cost (excluding ransom) fell by 44% to $1.53 million, down from $2.73 million last year.

• Vulnerabilities remain the top attack vector (32% of incidents), followed by compromised credentials (23%) and malicious emails (19%), with 40.2% of victims citing lack of expertise as the primary operational factor contributing to successful attacks.

• The median ransom payment fell by half to $1 million (from $2 million in 2024), with organizations typically paying 85% of the initial demand, while recovery speed improved with 53% of companies fully restored within a week compared to 35% in 2024.

Discover my collection of industry reports, guides and cheat sheets in Cyber Strategy OS

Career Development

Executives Bypassing MFA Requirements Lead To Security Breach

• Security professional shares experience with executives who don't take security seriously, requiring hand-holding through security reports and questioning consequences of unaddressed risks.

• A CEO's work email was hacked after being placed on a conditional access list that removed MFA requirements, likely due to credential breach or phishing.

• Many business leaders, including those working with sensitive sectors like the US Military, admitted to never implementing security measures despite their leadership positions.

Cybersecurity Hiring Manager Shares Key Interview Success Factors

• Beyond technical skills and certifications, hiring managers seek candidates who demonstrate an understanding of security workflows and can explain how they've solved problems using specific tools in detail.

• Strong communication abilities are essential as security professionals must collaborate with business teams to explore risk mitigation options rather than simply dictating security requirements.

• Professional composure – including presentation skills and corporate social etiquette – has become a critical hiring factor, with modern security roles requiring business interaction rather than isolated technical work.

• Using AI during interviews is an automatic disqualifier, though AI can be valuable for preparation before interviews to develop more thoughtful responses to anticipated questions.

Red Team Contractor Reports CAD 140/hr Rate With 10+ Years Experience

• A cybersecurity professional with 10+ years of experience shared they earn CAD 140/hr as a red teamer contractor, initiating a discussion about current market rates.

• The post appeared in r/cybersecurity, a community of 1.2M members focused on technical professionals discussing cybersecurity news, research, and threats.

• This data point provides valuable compensation benchmark information for cybersecurity professionals considering contract work in the offensive security space.

AI & Security

AI Agents Identified As Emerging Insider Security Threat

• AI agents are increasingly performing user-like actions (logging in, accessing systems, triggering workflows) but most security teams still treat them as static infrastructure, creating blindspots in identity governance and allowing them to operate with unchecked privileges.

• Only 30% of organizations regularly map non-human identities to critical assets, despite 85% claiming readiness for AI in security, and AI impersonation of users ranks as the top concern for 37% of security leaders.

• Healthcare organizations, among the fastest adopters of AI, are particularly vulnerable with 61% reporting identity-related attacks and only 23% offering passwordless authentication, significantly lagging behind other sectors in identity maturity.

State of LLM Security Report 2025 Reveals Highest Proportion of Serious Vulnerabilities

• LLM pentests reveal that 32% of findings are classified as serious vulnerabilities (high or critical risk), the highest proportion among all asset types tested, yet only 21% of these get resolved – the lowest resolution rate across all pentest types.

• Organizations struggle with remediation of complex LLM vulnerabilities, often prioritizing quicker fixes for simpler issues (19-day MTTR for resolved issues) while leaving more challenging vulnerabilities unaddressed, particularly those dependent on third-party model providers.

• Despite 72% of security professionals citing genAI threats as a top IT risk, only 66% of organizations conduct regular security assessments for their LLM deployments, indicating a critical gap between risk awareness and testing practices.

CISOs Approaching Tipping Point in AI Adoption for Security Operations

• While CISOs have enabled other departments to adopt AI tools, they've been more hesitant about implementing these technologies within security operations due to understandable trust concerns.

• Security is an ideal candidate for AI adoption as it handles text-heavy, high-volume, time-sensitive tasks across multiple domains including vulnerability management, security data pipelines, and application security.

• New AI-native security companies are emerging in key areas like identity management, digital risk protection, and automated pentesting, offering solutions that can finally help security teams achieve "inbox zero."

Market Updates

Cato Networks Raises $359M to Enhance AI-Powered SASE Platform

• Tel Aviv-based Cato Networks secured $359 million in Series G funding at a $4.8B+ valuation, led by Vitruvian Partners and ION Crossover Partners, to enhance their SASE cloud platform that unifies enterprise networking and security.

• The company will use the funding to accelerate AI security capabilities, platform innovation, and expand global operations across its customer and partner ecosystem serving over 3,500 enterprise customers.

• Founded by Shlomo Kramer and Gur Shatz, Cato's cloud-native platform offers comprehensive security features including SD-WAN, SSE, ZTNA, XDR, and LAN security with real-time visibility and automation.

Zero Networks Secures $55M Series C Funding for Microsegmentation Technology

• Tel Aviv-based cybersecurity startup Zero Networks raised $55M in Series C funding led by Highland Europe, bringing total funding to over $100M for its microsegmentation solutions.

• The company will use funding to increase go-to-market investments across North America, EMEA, and APAC regions while developing its automated zero trust architecture that prevents lateral movement at the source.

• Zero Networks offers Zero Trust Network Access and Identity Least Privilege solutions on a unified platform, using an MFA-driven approach that ensures privilege access across users, devices, and workloads.

Cybersecurity Market Expected To Reach $550 Billion By 2033

• The global cybersecurity market is projected to grow from $262.23 billion in 2025 to $549.96 billion by 2033, at a CAGR of 9.7%, driven by increasing targeted attacks and evolving cyber threats.

• North America currently holds the largest market share (36%) while Asia Pacific represents the fastest-growing region, with the healthcare sector expected to see the highest growth rate among end-users.

• Services segment dominates the market as organizations, especially SMEs with limited budgets, seek consultative approaches before implementing specific cybersecurity solutions.

Tools

Appgate SDP

Appgate SDP is a Zero Trust Network Access solution that provides secure, context-aware access to resources across hybrid environments while eliminating traditional VPN limitations.

Strobes Security Consulting Services

Strobes Security Consulting Services provides an integrated cybersecurity platform that combines attack surface management, penetration testing, vulnerability management, and application security with expert consulting services.

SOCRadar Digital Risk Protection Platform

A digital risk protection platform that combines threat intelligence, dark web monitoring, attack surface management, brand protection, and supply chain intelligence to detect and respond to external cyber threats.

If you found this newsletter useful, I'd really appreciate if you could forward it to your community and share your feedback below!

For more frequent cybersecurity, leadership and AI updates, follow me on LinkedIn, BlueSky and Mastodon.

Best, 
Nikoloz

Cybersecurity officially claim the top spot as the biggest business challenge for 2025 - something we've all felt building over the past few years. What strikes me most is that despite this recognition, nearly half of organizations still don't feel prepared. There's clearly a gap between awareness and action that we need to bridge.

In this week's brief:

• A sneaky Microsoft 365 Direct Send vulnerability that's letting attackers send spoofed internal emails without compromising any accounts
• Survey data showing cybersecurity has become the #1 business concern globally, yet most organizations feel unprepared
• The ongoing debate about whether professionals should pay out-of-pocket for certification renewals when employers cut funding

Industry News

Threat Actors Exploit Microsoft 365 Direct Send Feature to Deliver Phishing Emails

• Varonis researchers discovered a phishing campaign targeting over 70 organizations by exploiting Microsoft 365's Direct Send feature, allowing attackers to send spoofed internal emails without needing to compromise accounts.

• The attack requires no authentication and bypasses typical email security controls by using PowerShell to send emails through the predictable smart host format (company-name.mail.protection.outlook.com) with forged sender addresses.

• Organizations can protect themselves by enabling "Reject Direct Send" in Exchange Admin Center, implementing strict DMARC policies, and flagging unauthenticated internal emails for review.

Critical Vulnerability in Open VSX Marketplace Exposed 8 Million Developers to Supply-Chain Attack

• Researchers discovered a vulnerability in Open VSX extensions marketplace that would allow attackers to steal a privileged access token, giving them ability to publish malicious updates to every extension used by popular VSCode forks like Cursor, Windsurf, and VSCodium.

• The flaw existed in the auto-publishing mechanism where NPM install commands ran with access to a privileged token, exposing over 8 million developers to potential compromise through silent extension updates functioning as malware.

• The affected marketplace serves as the primary extension source for dozens of development environments including Google Cloud Shell Editor, GitLab Web IDE, and Arduino IDE 2.x, creating an unprecedented supply-chain risk across the development ecosystem.

Anthropic's Slack MCP Server Vulnerable to Data Exfiltration via Link Unfurling

• A deprecated Anthropic Slack MCP Server is vulnerable to data exfiltration when posting messages, allowing attackers to leak data via hyperlink unfurling by exploiting prompt injection attacks.

• The vulnerability creates a "lethal trifecta" when AI agents use the Slack MCP server, have access to private data, and process untrusted content, enabling attackers to exfiltrate sensitive information including API keys and internal communications.

• A simple patch is available by adding two lines of code to disable link unfurling, but the server is no longer maintained by Anthropic despite its wide usage (14k+ weekly downloads), leaving thousands of installations potentially vulnerable.

Leadership Insights

Cybersecurity Threats Rank as Top Business Challenge in 2025 Global Survey

• Nearly half (47%) of global business leaders identify cybersecurity threats as their leading challenge in 2025, with 74% reporting increased concerns over the past year primarily due to malware (44%), data extortion (37%), and website breaches (37%).

• Despite growing threats, only 45% of organizations feel "very prepared" to address cybersecurity and data privacy issues, with just 12% ranking themselves as "extremely prepared" for global data privacy compliance across jurisdictions.

• AI-powered attacks are emerging as a significant concern (28%), yet organizations show critical governance gaps - 63% lack AI transparency practices, 59% have no AI policies, and 67% haven't engaged their boards on AI risks.

Transportation & Logistics Sector Faces Mounting Network Security Challenges

• Survey reveals that staying ahead of cybersecurity threats (81%) is the top operational challenge for transportation and logistics companies, with ransomware attacks (77%) being the primary security concern, followed by consistent policy enforcement (66%).

• Only 28% of organizations have implemented solutions to address GenAI-related network security issues, while 49% see value in converging networking and security functions for more robust operations.

• Despite the increasing importance of edge security for distributed operations, only 40% of respondents consider it mission-critical, and just 19% have implemented SASE solutions, highlighting significant gaps in modern security adoption.

Security and Network Visibility Top Priorities for Enterprise IT Leaders

• A recent study of 120 US-based IT leaders reveals that security concerns and complexity of network management are their primary challenges, with nearly half planning cybersecurity investments within the next 12 months due to rapid innovation in security technologies.

• Improving visibility into network traffic and diagnostics has emerged as a key focus area, as IT departments aim to better understand network activity, proactively mitigate security threats, and optimize network performance and costs.

• While many enterprises completed major LAN and WAN infrastructure upgrades during the pandemic, evolving from software-defined WAN (SD-WAN) to SASE (Secure Access Service Edge) is now a priority focus area, especially for securing remote workforces.

Discover my collection of industry reports, guides and cheat sheets in Cyber Strategy OS

Career Development

Experienced Cybersecurity Analyst Struggles With SOC Role Transitions Despite 7 Years Of Experience

• A cybersecurity professional with 7 years of experience (2 years as InfoSec analyst, 5 years as Threat/Malware analyst) and a Masters degree reports consistent rejection when attempting to return to SOC roles.

• Despite progressing through multiple interview rounds (3-8 rounds) with various companies over the past year, the candidate faces vague rejection reasons, impacting their confidence despite addressing feedback from previous interviews.

• The professional currently works in a niche cybersecurity position with limited compensation and is considering pursuing CISSP certification to improve job prospects after their Security+ certification expired in December 2024.

Cybersecurity Professionals Debate Value of Maintaining Certifications When Employers Cut Renewal Funding

• A cybersecurity professional with 10 years of experience faces difficult decisions about maintaining certifications as their company implements cost-cutting measures and stops covering renewal fees that can cost several hundred dollars.

• The professional distinguishes between entry-level certifications like GIAC GSEC that may have diminishing returns with experience, and advanced certifications like CISSP that justify personal investment due to their demanding qualification process.

• The discussion highlights the emotional investment attached to certifications that represent months of studying and preparation, with many professionals reluctant to let credentials expire despite unclear ROI when paying out-of-pocket.

Ex-Bug Bounty Engineer Developing Challenge-Based Cybersecurity Hiring Tool

• A former HackerOne/Bugcrowd engineer is creating a tool to assess skills through hands-on, challenge-based tasks rather than relying on resumes and traditional interviews.

• The developer is seeking input from security hiring managers, consultancy operators, and professionals frustrated with current methods of evaluating technical ability.

• The initiative focuses on practical assessment techniques for security roles including analysts and penetration testers, with sample challenges available upon request.

AI & Security

OWASP Launches Comprehensive AI Testing Guide To Address Unique Security Challenges

• The guide aims to become the definitive reference for identifying security, privacy, ethical, and compliance vulnerabilities inherent in AI applications, with a technology-agnostic approach applicable across various implementation scenarios.

• Unlike traditional software, AI systems require specialized testing methodologies to address unique challenges including non-deterministic behavior, data dependencies, and vulnerability to adversarial attacks that can compromise system integrity.

• Development roadmap shows the guide will be completed in phases through September 2025, with contributions welcomed from the OWASP and AI communities to establish a structured framework for bias, robustness, and security validation.

Model Context Protocol Details Key Security Risks and Mitigations

• The specification identifies confused deputy vulnerabilities in MCP proxy servers, where attackers can exploit authorization servers using static client IDs to bypass user consent and gain unauthorized API access.

• Token passthrough is explicitly forbidden as it enables security control circumvention, compromises audit trails, creates trust boundary issues, and introduces risks of unauthorized access across connected services.

• To prevent session hijacking attacks, MCP servers must verify all inbound requests, avoid using sessions for authentication, implement secure non-deterministic session IDs, and bind sessions to user-specific information.

MCP, A2A, and AG-UI Technologies Could Create True Single Pane of Glass for SecOps

• Three emerging technologies – Model Context Protocol (MCP), Agent-to-Agent communication (A2A), and Agentic User Interface (AG-UI) – together offer a promising solution to the integration challenges that have historically prevented a unified security operations view.

• MCP standardizes how AI agents interact with security tools, A2A enables specialized AI agents to collaborate on complex tasks, and AG-UI provides an interactive human-AI interface that presents contextualized findings rather than just raw data.

• This approach could move SecOps beyond rigid, rule-based playbooks toward more adaptive, context-aware automation while maintaining human oversight for critical judgment and reducing alert fatigue.

Market Updates

RevEng.ai Raises $4.15 Million to Secure Software Supply Chain

• British startup RevEng.ai secured $4.15M in seed funding for its AI platform that automatically detects malicious code and vulnerabilities in software without requiring source code access.

• The company's proprietary BinNet AI model verifies software supply chain integrity through deep analysis of capabilities, security assessments, and automatic YARA rule creation for Linux, Windows, and Android platforms.

• Investment was led by Sands Capital with support from Episode, In-Q-Tel Capital, and IQ Capital, with funds earmarked to accelerate growth, improve AI models, hire talent, and expand US presence.

DataBahn Secures $17M to Deploy AI Agents for Data Pipeline Management

• DataBahn has raised $17M in Series A funding led by Forgepoint Capital to develop its autonomous AI agent-based platform for data pipeline management and telemetry.

• The company's "Phantom" AI agents collect telemetry without deploying legacy software, parsing and enriching data while suppressing noise - reducing telemetry costs by over 50% for Fortune 50 clients.

• The platform combines federated search capabilities with security-focused features, enabling faster threat detection while providing deeper context and control without traditional agent overheads.

Nexus IT Secures $60 Million For Cybersecurity Services Expansion

• Nexus IT, a Managed Services and Cybersecurity provider, received a $60 million capital commitment from Metropolitan Partners Group to accelerate nationwide growth through strategic MSP acquisitions.

• The company will focus on acquiring MSPs that serve highly regulated industries including healthcare, finance, and legal, with several acquisition deals already in the pipeline for U.S. expansion over the next three years.

• Rather than pursuing scale at all costs, Nexus IT is implementing a founder-led approach focused on long-term value creation, cultural fit, and client-centric innovation in IT services.

Tools

Trellix Insights

A GenAI-powered security platform that integrates endpoint, email, network, data, cloud, and security operations capabilities for comprehensive threat detection and response.

Zscaler Internet Access

Zscaler Internet Access is a cloud-based zero trust security platform that secures internet traffic by providing threat protection, data loss prevention, and secure web gateway capabilities without traditional VPN infrastructure.

Ping Identity Platform

The Ping Identity Platform is an enterprise identity and access management solution that provides authentication, authorization, and identity governance capabilities with flexible deployment options for securing customer, workforce, and partner identities.

If you found this newsletter useful, I'd really appreciate if you could forward it to your community and share your feedback below!

For more frequent cybersecurity, leadership and AI updates, follow me on LinkedIn, BlueSky and Mastodon.

Best, 
Nikoloz

I've was reading Cyentia report showing cyber incidents have increased sixfold over 15 years. It's staggering when you step back and realize we're not just dealing with more sophisticated attacks - we're dealing with exponentially more of them. The median loss jumping from $190K to $3 million tells the whole story about where we are as an industry.

In this week's brief:

• Cloudflare just mitigated a monster 7.3 Tbps DDoS attack - the largest on record
• New research reveals 60% of cybersecurity professionals are eyeing the exit door
• AI secrets are dominating code repository leaks, creating a whole new category of exposure

Industry News

Cloudflare Blocks Record-Breaking 7.3 Tbps DDoS Attack

• In mid-May 2025, Cloudflare autonomously mitigated the largest DDoS attack ever recorded at 7.3 Tbps, targeting a hosting provider client. The multivector attack delivered 37.4 terabytes in just 45 seconds and carpet-bombed over 21,000 destination ports.

• The attack was primarily UDP floods (99.996%) with traces of reflection and amplification attacks including QOTD, Echo, NTP, and Mirai. It originated from over 122,145 source IPs across 5,433 autonomous systems in 161 countries, with Brazil and Vietnam accounting for half the traffic.

• Cloudflare's global anycast network distributed the attack traffic across 477 data centers in 293 locations, enabling autonomous detection and mitigation through real-time fingerprinting without human intervention or service disruption.

Salesforce Industry Cloud Contains 20 Configuration Risks That Could Expose Customer Data

• AppOmni researchers discovered 20 insecure configurations in Salesforce Industry Cloud's low-code OmniStudio platform that could allow attackers to access encrypted customer information, session data, credentials, and business logic through misconfigurations.

• Salesforce issued five CVEs addressing critical vulnerabilities in FlexCards and Data Mappers components, including field-level security bypasses and unauthorized access to encrypted data, while leaving 15 other configuration risks for customers to mitigate.

• The vulnerabilities primarily affect low-code components that don't enforce access controls by default, allow external user execution of workflows, and contain caching mechanisms that can bypass security controls in enterprise deployments.

Over 46,000 Grafana Instances Exposed to Account Takeover Vulnerability

• More than 46,000 internet-facing Grafana instances remain unpatched against CVE-2025-4123, a client-side open redirect vulnerability that enables malicious plugin execution and account takeover attacks.

• The vulnerability allows attackers to hijack user sessions, change account credentials, and perform server-side request forgery (SSRF) attacks without requiring elevated privileges or authentication.

• Despite security patches being released on May 21, approximately 36% of the 128,864 publicly accessible Grafana instances continue running vulnerable versions, creating a significant attack surface for threat actors.

Leadership Insights

Cyentia IRIS 2025 Report Shows Sixfold Increase In Security Incidents Over 15 Years

• The annual probability of an organization experiencing a cyber event has almost quadrupled since 2008, with approximately 3,000 significant security incidents reported quarterly in 2024, compared to just 450 in 2008.

• Financial impacts have grown dramatically, with median losses increasing 15-fold from $190K to almost $3 million, while costs as a proportion of annual revenue have seen an 8-fold increase.

• Despite growing ransomware threats, system intrusion remains the most common incident type, with credential compromise continuing as the leading intrusion method (43-60% of all incidents).

8 Things CISOs Have Learned From Cyber Incidents

• Post-incident CISOs shift from defense to offense, developing an attack-minded perspective that focuses on understanding their attack surface better than adversaries and implementing robust response plans with clear roles and communication protocols.

• CISOs must verify backup systems are isolated, functioning, and clean as modern ransomware attacks specifically target backups first to disable restoration capabilities and force ransom payments.

• While cyber incidents temporarily increase executive attention and funding, this focus often diminishes over time, forcing CISOs to balance immediate security improvements with the reality of potential budget cuts once the crisis fades.

CISOs Struggle to Transition from Reactive to Proactive Threat Intelligence

• Despite 98% of organizations experiencing a cyberattack in the past year, only 44% report taking a proactive approach to threat intelligence – leaving most CISOs stuck in reactive postures that limit strategic planning and response capabilities.

• Traditional threats remain dominant, with malware, ransomware, and phishing continuing as primary concerns, though now enhanced by AI capabilities that accelerate attack sophistication and make detection more challenging.

• While 95% of CISOs agree that participating in threat intelligence sharing communities improves their preparedness, success requires embedding threat intelligence throughout security operations – something 60% of organizations have yet to fully achieve.

Discover my collection of industry reports, guides and cheat sheets in Cyber Strategy OS

Career Development

CISOs Implement Retention Strategies as 60% of Cyber Professionals Consider Job Changes

• More than 60% of cybersecurity professionals are contemplating switching jobs within the next 12 months, with dissatisfaction with career progression emerging as a key driver for potential departures.

• Mid-career professionals with 6-10 years of experience represent the most critical talent gap, as they are embedded in good organizations but highly sought after for new roles requiring proven expertise.

• CISOs are implementing retention strategies including internal recruitment and training programs, certification support, mentorship initiatives, and regular career development conversations to build loyalty and reduce turnover.

DFIR Professional Faces Career Uncertainty After Layoff From Incident Response Company

• A cybersecurity professional with 4+ years of experience progressed from technical support to SOC Analyst to DFIR Technical Examiner, before being caught in a round of company layoffs.

• After reaching a six-figure salary (Philippines-based) in their last position, the professional is struggling to find comparable employment and questioning whether to hold out for similar compensation or pivot to a different role.

• The post highlights common career challenges in cybersecurity, including the impact of false positive management in SOC roles and the significant knowledge expansion required when transitioning to incident response specializations.

Experienced Software Engineer Raises Questions About Ageism in Cybersecurity Industry

• A software engineer with 20 years of experience has observed ageism in tech environments, particularly in startups with younger workforce demographics, and is concerned about similar issues in cybersecurity.

• The individual, who previously worked as a Principal Engineer at a consultancy, is transitioning to cybersecurity while wanting to maintain technical roles rather than moving into management.

• The post raises questions about which organizations and cybersecurity roles might be more or less affected by age discrimination as experienced professionals transition into the security field.

AI & Security

Cloud Security Alliance Releases Guide for Red Teaming Agentic AI Systems

• The CSA document provides a comprehensive framework for red teaming Agentic AI systems across 12 critical vulnerability categories, addressing unique challenges posed by AI systems with planning, reasoning, and autonomous action capabilities.

• The guide emphasizes that Agentic AI introduces novel security issues beyond traditional GenAI models, including emergent behavior, unstructured communication, interpretability challenges, and significantly expanded attack surfaces.

• Red teaming methodologies include specific tests for authorization hijacking, human oversight failures, critical system interaction risks, and multiple other exploitation vectors unique to autonomous agents that make decisions with limited human oversight.

Novel Zero-Trust Identity Framework For Agentic AI Proposes Decentralized Authentication

• Researchers present a comprehensive framework for managing identity and access of AI agents, highlighting how traditional protocols like OAuth and SAML are inadequate for autonomous agents operating in Multi-Agent Systems (MAS).

• The proposed architecture employs Decentralized Identifiers (DIDs), Verifiable Credentials (VCs), and Zero-Knowledge Proofs (ZKPs) to create rich, verifiable agent identities that include capabilities, provenance, and behavioral scope.

• Key innovations include an Agent Naming Service (ANS) for capability-aware discovery, fine-grained access control mechanisms, and a unified global session management layer that enables consistent revocation across heterogeneous agent communications.

AI-Related Secrets Dominate Public Code Repository Leaks

• Wiz Research found that AI-related secrets constitute a disproportionate majority of leaked credentials in public code repositories, with 4 out of the top 5 discovered secrets being AI-related.

• Python notebooks (.ipynb files) are the most leak-prone file type, containing exposed credentials through code snippets, execution outputs, and debug functions that reveal sensitive information.

• AI coding assistants frequently recommend hardcoding secrets in configuration files like mcp.json, while current secret scanning tools fail to detect many newer AI platform credentials from vendors like Perplexity, WeightsAndBiases, and Chinese AI platforms.

Market Updates

Tadaweb Raises €17.3M to Enhance OSINT Capabilities for Security Teams

• Luxembourg-based Tadaweb secured funding to scale its Small Data Operating System for publicly available information (PAI) and open-source intelligence (OSINT), reducing analysis time from "days to minutes."

• The platform combines technology with human intuition, focusing on transparency rather than being "another black box" AI solution, prioritizing keeping humans in control of intelligence gathering.

• Their SaaS solution is used by defense, national security, and cybersecurity organizations across Europe and the US, with OSINT estimated to account for 80-90% of information gathering by law enforcement and government entities.

Spanish Industrial Cybersecurity Startup Steryon Secures $1.1M Seed Funding

• Barcelona-based Steryon has raised €1 million ($1.1M) in seed funding co-led by 4Founders Capital and Abac Nest Ventures to develop their industrial cybersecurity risk management platform.

• Funds will be used to enhance technology development and expand both technical and commercial teams, with plans to scale deployment across industrial sectors both nationally and internationally.

• Steryon is one of only three Spanish startups selected for Google's "Google for Startups Growth Academy: AI for Cybersecurity" program, highlighting their innovative approach in the growing OT security market.

Hypernative Raises $40 Million Series B For Web3 Threat Prevention Platform

• Hypernative secured $40 million in Series B funding to expand their AI-based detection platform that protects over $100 billion in assets across 60+ blockchain networks, including recent additions of Solana and THORChain.

• The company launched Guardian, a real-time transaction security solution that prevents blind signing by simulating outcomes before approval, serving over 200 Web3 customers including Aptos, Ethereum, and ZKsync.

• Funding will support expansion into fraud prevention and wallet-level protection, following a year where Hypernative detected $2.2 billion in losses from hacks, exploits, and phishing – a 22% increase from the previous year.

Tools

Finite State Platform

A device security analysis platform that provides comprehensive vulnerability scanning, SBOM management, and supply chain security monitoring for connected devices and their components.

Reveelium UEBA

Reveelium UEBA is a French-developed User and Entity Behavior Analytics solution that uses artificial intelligence to detect abnormal behaviors and security threats by analyzing user and entity activities within an organization's network.

Conviso

A comprehensive application security platform combining specialized services and software tools to help organizations manage vulnerabilities throughout the software development lifecycle.

If you found this newsletter useful, I'd really appreciate if you could forward it to your community and share your feedback below!

For more frequent cybersecurity, leadership and AI updates, follow me on LinkedIn, BlueSky and Mastodon.

Best, 
Nikoloz

I've read the Orca Security report this week showing that 38% of organizations have publicly exposed databases containing sensitive data. It's one of those findings that makes you pause and wonder how we're still dealing with such fundamental security gaps in 2025. The challenge isn't just technical anymore - it's about execution and getting the basics right consistently.

In this week's brief:

• Apple patched a zero-click Messages vulnerability that was actively exploited to target journalists with spyware
• A major survey reveals that over 93% of organizations lack confidence in securing their AI-driven data, with nearly half having no AI-specific controls
• A seasoned cybersecurity professional with two decades of experience shares their struggle finding remote work despite applying to over 1,000 positions

Industry News

Apple Zero-Click Vulnerability in Messages App Exploited to Deploy Paragon Spyware Against Journalists

• Apple patched CVE-2025-43200, a zero-click vulnerability in Messages app that was actively exploited to target Italian journalist Ciro Pellegrino and another European journalist with Paragon's Graphite spyware.

• The attacks occurred through maliciously crafted photos or videos shared via iCloud Links, requiring no user interaction and making detection extremely difficult for victims.

• Paragon has terminated its contracts with Italy citing the government's refusal to allow independent verification, while Italian intelligence confirmed limited use of Graphite for national security purposes.

Fog Ransomware Uses Unusual Mix of Legitimate and Open-Source Tools

• Fog ransomware operators deployed an atypical toolset including Syteca employee monitoring software for credential harvesting and GC2 backdoor that uses Google Sheets for command-and-control communications.

• The attack targeted a financial institution in Asia using open-source tools like Stowaway proxy, Adapt2x C2, and SMBExec for lateral movement and post-exploitation activities.

• Researchers noted this unusual combination of legitimate software and open-source pentesting tools helps threat actors evade detection compared to traditional ransomware attack methods.

Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool

• Threat actors leveraged the open-source TeamFiltration penetration testing framework to conduct large-scale account takeover attacks against Microsoft Entra ID, affecting over 80,000 user accounts across hundreds of organizations since December 2024.

• The UNK_SneakyStrike campaign utilized AWS servers across multiple geographic regions (primarily US, Ireland, and Great Britain) to launch coordinated password spraying and user enumeration attacks in concentrated bursts followed by 4-5 day lulls.

• Successful compromises granted attackers access to Microsoft Teams, OneDrive, Outlook, and other native applications, enabling data exfiltration and persistent access through malicious file uploads to victims' cloud storage.

Leadership Insights

Prowler Survey Reveals High Cloud Security Confidence Despite Persistent Challenges

• While 96% of security teams report confidence in their cloud security, the 4% who aren't highlight significant concerns around shadow IT, inadequate tooling, and high operational costs.

• Open-source cloud security tools are dominating with 88% adoption, delivering measurable security improvements (86%), enhanced collaboration (83%), and cost savings (80%) through better visibility.

• Organizations using automation save 19 hours weekly, yet 37% failed compliance audits last year despite having appropriate frameworks, indicating an execution rather than tooling problem.

Orca Security Report Reveals 38% of Organizations Have Publicly Exposed Databases Containing Sensitive Data

• Multi-cloud adoption has reached 55% of organizations, with each cloud asset containing an average of 115 vulnerabilities, creating expanded attack surfaces and increasingly interconnected risks.

• 13% of organizations have a single cloud asset responsible for creating more than 1,000 attack paths, while 76% have at least one public-facing asset that enables lateral movement to high-value targets.

• 84% of organizations are now using AI in the cloud, with 62% having at least one vulnerable AI package, while 93% have at least one privileged Kubernetes service account, significantly expanding potential attack surfaces.

CISO Rick Bohm Discusses AI Integration and API Security Challenges in Modern Cybersecurity

• Veteran CISO Rick Bohm emphasizes that successful security leaders must bridge the gap between technical teams and business executives through storytelling and empathy, treating AI as both an assistant and adversary in cybersecurity operations.

• Organizations commonly lack visibility into their API attack surface, with companies believing they have three APIs when security assessments reveal 300, highlighting the critical need for comprehensive API inventory and security integration.

• Modern CISOs must combine technical expertise with business acumen, using incident response muscle memory and treating cybersecurity education as positive manipulation rather than fear-based compliance enforcement.

Discover my collection of industry reports, guides and cheat sheets in Cyber Strategy OS

Career Development

Cybersecurity Professional With Advanced Credentials Reports Severe Burnout Despite Industry Success

• A cybersecurity professional with 3 years of experience, a Master's degree, and employment at prestigious companies reports significant burnout despite having strong paper credentials.

• The individual describes struggling with unrealistic expectations in the workplace, specifically being required to compress multiple days of work into 8-hour shifts while maintaining constant self-improvement.

• While still expressing interest in cybersecurity work theoretically, the professional questions whether their experience reflects issues specific to their role or indicates broader systemic problems within the technology sector.

Computer Science Student Inquires About Value Of Google Cybersecurity Certification

• A second-year CompSci major posted in r/SecurityCareerAdvice seeking guidance on whether Google's cybersecurity certification would be valuable for breaking into the cybersecurity field.

• The student expressed they are "extremely interested" in cybersecurity and is evaluating this certification as a potential step toward building relevant credentials alongside their bachelor's degree.

• The post has garnered attention from the security career community with 72K members, showing the prevalent interest in entry-level pathways into cybersecurity careers among college students.