The Mandos Brief gives you a quick, 3-minute rundown of the week's top cybersecurity updates. It's your go-to source for staying informed and cyber-aware, fast.
Ivanti left 13 vulnerabilities unpatched until March 2026 after ZDI disclosure. Anthropic research shows just 250 poisoned documents can backdoor LLMs of any size. Half of enterprises face direct financial losses from network failures blocking AI initiatives.
Cloud account compromises jumped from 16% to 46% in five years. North Korean IT workers now use stolen developer identities to infiltrate western companies. Financial damage over $200K doubled as hybrid environments reach 77% adoption.
Enterprise AI usage exploded 200% while organizations unknowingly run 320 Shadow AI apps. Cisco zero-days target government networks as state actors deploy reboot-surviving malware.
Ransomware payments dropped to $115K median but hit 44% of all breaches. Cybersecurity pros can't find jobs despite 10+ years experience.
AI agents now exploit zero-days in under 10 minutes while energy sector attacks surge 586%. Web3 hackers earn millions as traditional security salaries lag behind.
Colombian malware campaign using SVG files went completely undetected by all antivirus engines. C-suite executives show dangerous overconfidence compared to frontline security teams.
Netskope files IPO with $707M ARR amid cybersecurity M&A surge. Industry training decline leaves newcomers struggling despite credentials and certs.
Initial Access Brokers surge 90% targeting smaller US companies. Machine identities now outnumber humans 80 while most orgs lack AI security controls.
LayerX researchers expose "Man-in-the-Prompt" attacks turning AI assistants into hacking copilots. CISA releases zero trust microsegmentation guidance as Python skills become mandatory for 50%+ of cyber jobs.
Join security leaders who receive knowledge and resources on becoming a more effective security leader. One actionable newsletter every week.
Trusted by security professionals at
