The Mandos Brief gives you a quick, 3-minute rundown of the week's top cybersecurity updates. It's your go-to source for staying informed and cyber-aware, fast.
Lazarus Group deploys triple malware threat through fake crypto companies. Dwell time increases for first time since 2010. Palo Alto Networks acquires Protect AI for $500+ million.
Executives targeted through fake Bloomberg invites exploiting Zoom's remote control feature. SMBs hit hard with 88% of breaches involving ransomware. Terra secures funding for AI penetration testing.
Task Scheduler vulnerabilities enable privilege escalation without user approval. Multi-layered phishing campaigns delivering Agent Tesla through evasion techniques. AI-related security incidents jumped 56.4% in 2024.
NVIDIA container escape flaw remains exploitable despite patching. Threat actors maintain access to FortiGate devices through symlinks. Microsoft addresses shadow AI risks with new enterprise security guide.
OpenAI increases bug bounties to $100K. Dragos reports 87% surge in industrial ransomware attacks. 80 security professionals replaced by AI they trained.
FBI alerts on malware via document converters. Research shows only 2-5% of security alerts need immediate action. Wiz launches searchable cloud vulnerability database
From a software engineer to landing a security role at Microsoft. Machine identities pose 7.5x higher risk than human users. AWS enhances VPC endpoint visibility.
A major GitHub Action used by 23,000+ repos was compromised, leaking CI/CD secrets. Google's Red Team simulates real-world attacks. New AI security agents learn organizational context for better threat detection.
80% of organizations struggle to identify high-risk data in hybrid clouds. State actors bypass MFA via LinkedIn/WhatsApp social engineering. Anthropic's Claude outperforms GPT-4o in security testing.
Join security leaders who receive knowledge and resources on becoming a more effective security leader. One actionable newsletter every week.
Trusted by security professionals at
