The Mandos Brief gives you a quick, 3-minute rundown of the week's top cybersecurity updates. It's your go-to source for staying informed and cyber-aware, fast.
NANOREMOTE blends attacks through Google's API undetected. AI agents now surpass most human security testers in live enterprise assessments.
ServiceNow acquires Veza for $1B+ to expand identity security. Security leaders face burnout managing cloud, AI, and compliance with understaffed teams and limited autonomy.
Shai-Hulud 2.0 compromises 25,000+ npm repositories for credential harvesting. Early AI security adopters see 67% security posture improvement and 70% breach risk reduction.
Azure mitigated a record-breaking 15.72 Tbps DDoS attack from 500K+ IPs. Security budgets grew only 4% while executive compensation surged, creating resource allocation challenges.
Chinese actors autonomously attacked 30 major tech firms using manipulated AI. 41% of breached orgs lost millions to insiders. DPRK targets developers via JSON storage services.
Samsung Galaxy zero-day exploited by LANDFALL spyware for surveillance across Middle East. Social engineering attacks surge 1,450% in H1 2025 with breakout times under 60 minutes.
100,000 WSUS exploitation attempts in 7 days demand immediate patching. CISOs running 25+ security tools face 50% higher incident rates. Entry-level cybersecurity roles see 5,000 applications per position as market contracts.
Self-propagating GlassWorm worm harvests credentials from 49 crypto wallets using blockchain C2 infrastructure. CISO salary discussion reveals $161K university role versus $250-300/hour consulting opportunities amid market challenges.
Only 6% of executives confident against attacks despite investment surges. UNC5342 exploits Ethereum smart contracts for JADESNOW malware delivery through fake job interviews targeting crypto developers.
Join security leaders who receive knowledge and resources on becoming a more effective security leader. One actionable newsletter every week.
Trusted by security professionals at
