The Mandos Brief gives you a quick, 3-minute rundown of the week's top cybersecurity updates. It's your go-to source for staying informed and cyber-aware, fast.
Zero-click iPhone exploit hits journalists. 80K+ Microsoft accounts compromised. Enterprise AI governance fails across industries.
Palo Alto's AI executes ransomware in 25 minutes. Fake Cloudflare CAPTCHAs deliver malware while Meta automates security reviews.
GitHub MCP exploit allows AI agent data exfiltration. DoD operates 50+ software factories delivering rapid deployment. CISOs earn $532K average compensation.
Socket discovers 60 malicious npm packages exfiltrating network data. Meta releases open-source LlamaFirewall to protect AI agents. FBI reports record $16.6B in cybercrime losses.
Chinese threat actors exploit critical SAP vulnerability across 581 systems. Anthropic CISO predicts AI virtual employees within a year. AI virtual employees pose new security challenges.
Cisco IOS XE controllers face CVSS 10.0 vulnerability allowing root access. GitHub Actions security recommendations following supply chain attacks. New Shadow MCP servers creating AI governance gaps.
Lazarus Group deploys triple malware threat through fake crypto companies. Dwell time increases for first time since 2010. Palo Alto Networks acquires Protect AI for $500+ million.
Executives targeted through fake Bloomberg invites exploiting Zoom's remote control feature. SMBs hit hard with 88% of breaches involving ransomware. Terra secures funding for AI penetration testing.
Task Scheduler vulnerabilities enable privilege escalation without user approval. Multi-layered phishing campaigns delivering Agent Tesla through evasion techniques. AI-related security incidents jumped 56.4% in 2024.
Join security leaders who receive knowledge and resources on becoming a more effective security leader. One actionable newsletter every week.
Trusted by security professionals at
