The Mandos Brief gives you a quick, 3-minute rundown of the week's top cybersecurity updates. It's your go-to source for staying informed and cyber-aware, fast.
NVIDIA container escape flaw remains exploitable despite patching. Threat actors maintain access to FortiGate devices through symlinks. Microsoft addresses shadow AI risks with new enterprise security guide.
OpenAI increases bug bounties to $100K. Dragos reports 87% surge in industrial ransomware attacks. 80 security professionals replaced by AI they trained.
FBI alerts on malware via document converters. Research shows only 2-5% of security alerts need immediate action. Wiz launches searchable cloud vulnerability database
From a software engineer to landing a security role at Microsoft. Machine identities pose 7.5x higher risk than human users. AWS enhances VPC endpoint visibility.
A major GitHub Action used by 23,000+ repos was compromised, leaking CI/CD secrets. Google's Red Team simulates real-world attacks. New AI security agents learn organizational context for better threat detection.
80% of organizations struggle to identify high-risk data in hybrid clouds. State actors bypass MFA via LinkedIn/WhatsApp social engineering. Anthropic's Claude outperforms GPT-4o in security testing.
Two critical Microsoft Copilot vulnerabilities exposing private repos and corporate data. Orange Group confirms 12,000 files stolen by HellCat ransomware affiliate. jQuery dominates high-risk OSS flaws.
Security architects face limited career growth, GoLang backdoor using telegram as C2 channel, 86% of orgs have exposed secrets in private GitHub repos
Malicious AI models found on Hugging Face. Multiple PE firms compete for Trend Micro. Security leadership salaries reach $261.5K median
Join security leaders who receive knowledge and resources on becoming a more effective security leader. One actionable newsletter every week.
Trusted by security professionals at
