The Outsider Enterprise takedown shows AI-powered phishing is now industrial infrastructure. SMBs and government contractors should prioritize phishing-resistant MFA, identity recovery controls, and rapid session revocation.
Handala’s California Water Service claim is a reminder that critical-infrastructure defense starts with proving separation between billing systems, telemetry platforms, and operational technology.
Fortinet CVE-2026-49938 is a medium-severity FortiPortal API access-control issue, but sensitive network configuration exposure can still give attackers a valuable map of the environment.
Velvet Ant’s Operation Highland shows why PAM, OpenSSH, jump hosts, and proxy paths deserve the same defensive priority as identity providers and domain controllers.
The Outsider Enterprise takedown shows AI-powered phishing is now industrial infrastructure. SMBs and government contractors should prioritize phishing-resistant MFA, identity recovery controls, and rapid session revocation.
Handala’s California Water Service claim is a reminder that critical-infrastructure defense starts with proving separation between billing systems, telemetry platforms, and operational technology.
Fortinet CVE-2026-49938 is a medium-severity FortiPortal API access-control issue, but sensitive network configuration exposure can still give attackers a valuable map of the environment.
Velvet Ant’s Operation Highland shows why PAM, OpenSSH, jump hosts, and proxy paths deserve the same defensive priority as identity providers and domain controllers.
Zscaler ThreatLabz says the Shai-Hulud campaign has expanded across package ecosystems and introduced prompt-injection tactics aimed at automated AI security triage. The defense lesson is simple: treat package content as hostile input, even when an LLM is doing the review.
Maine took its public breach notification database offline after fake disclosures were published. The lesson for SMBs and government contractors: public trust workflows need verification, moderation, and correction controls.
intWave disclosed CVE-2026-33590 in Portainer, where insecure default Docker security settings could let regular users escalate toward host takeover. Here is what SMBs and government contractors should lock down.
Rebora disclosed MaXSS and Spyder, two critical flaws in AI browser-extension side panels. The lesson for SMBs and government contractors: browser extensions are endpoint software with identity-session reach and need governance.
GTIG and Mandiant report active ShinyHunters exploitation of Oracle PeopleSoft CVE-2026-35273. Here is what defenders should lock down, hunt, and segment now.
Check Point Research disclosed LangGraph checkpointer flaws that could turn user-controlled state-history filters into SQL injection, unsafe deserialization, and remote code execution. The lesson for SMBs and government contractors: AI agent memory is application infrastructure, not magic middleware.
