The Mandos Brief gives you a quick, 3-minute rundown of the week's top cybersecurity updates. It's your go-to source for staying informed and cyber-aware, fast.
15.28% of employees run unverified MCP servers accessing credentials with zero visibility. Experienced CISSP holders apply to 100+ jobs for single interview as AI screening dominates. Manufacturing hit hardest by Google Cloud phishing at 19.6% of targets.
Anthropic's Deputy CISO forces AI chatbot on community despite votes, causing mass exodus. Actor lands consultant role in 2 years, CompTIA certs beat traditional degrees.
WhatsApp Silent Whisper flaw enables covert tracking with just phone numbers. Security incidents with $200K+ damages doubled to 13% as hybrid IT adoption hits 77%.
NANOREMOTE blends attacks through Google's API undetected. AI agents now surpass most human security testers in live enterprise assessments.
ServiceNow acquires Veza for $1B+ to expand identity security. Security leaders face burnout managing cloud, AI, and compliance with understaffed teams and limited autonomy.
Shai-Hulud 2.0 compromises 25,000+ npm repositories for credential harvesting. Early AI security adopters see 67% security posture improvement and 70% breach risk reduction.
Azure mitigated a record-breaking 15.72 Tbps DDoS attack from 500K+ IPs. Security budgets grew only 4% while executive compensation surged, creating resource allocation challenges.
Chinese actors autonomously attacked 30 major tech firms using manipulated AI. 41% of breached orgs lost millions to insiders. DPRK targets developers via JSON storage services.
Samsung Galaxy zero-day exploited by LANDFALL spyware for surveillance across Middle East. Social engineering attacks surge 1,450% in H1 2025 with breakout times under 60 minutes.
Join security leaders who receive knowledge and resources on becoming a more effective security leader. One actionable newsletter every week.
Trusted by security professionals at
