SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies
New SpyCloud research highlights the expansion of phishing attacks as AI and phishing-as-a-service fuel enterprise targeting.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Active FortiBleed Campaign Impacting Fortinet Devices Across 194 Countries
In mid-June 2026, security researchers identified an active, large-scale credential compromise campaign affecting Fortinet FortiGate firewalls, dubbed FortiBleed. Threat actors have been systematically extracting configuration files from internet-facing FortiGate devices and cracking the stored credential hashes, resulting in verified working administrator credentials for between 30,000 and 75,000 devices across 194 countries.
Over 140 popular Mastra npm Packages Hit by Supply Chain Attack
On June 17th we detected a large-scale supply chain attack targeting the entire @mastra npm scope, a popular open-source AI agent framework. An attacker republished 141 packages in a burst between 01:15 and 02:00 UTC, silently injecting a malicious dependency into every one of them. The affected packages include @mastra/core, which has 918K weekly npm downloads, as well as mastra and create-mastra.
Is your defense ready for machine-speed attacks? #cybersecurity #shorts
AI built exploits and AI driven defence are now colliding in the same battlefield, which changes cyber conflict at machine speed. The new argument is simple, if attackers already use AI offensively, defenders need AI native defence to keep up.
Developer laptops are the credential store attackers are picking through in 2026
GitGuardian is introducing Developer Endpoint Protection, extending its secrets and non-human identity (NHI) security platform coverage to developer workstations.
Why SMBs Are Prime Targets for Email-Based Cyberattacks
Small and medium businesses are increasingly exposed to email-based attacks that rely on compromised accounts and trusted communication patterns. In a typical business email compromise scenario, attackers gain access to an executive’s email account and monitor communication over time. This allows them to understand how financial requests are handled and when key individuals are unavailable. At the right moment, they send emails that appear legitimate.
From Brand Impersonation to Account Takeover: The ATO Attack Chain
Brand impersonation account takeover (ATO) happens when attackers use fake brand assets to expose customers, harvest credentials, and attempt access on the legitimate site. The impersonation stage happens outside the enterprise’s login environment, but the ATO risk appears when stolen credentials, attacker devices, or exposed users reach the legitimate login environment. That distinction matters because brand impersonation and account takeover are often handled as separate problems.
From Brand Impersonation to Account Takeover: The ATO Attack Chain
Brand impersonation account takeover (ATO) happens when attackers use fake brand assets to expose customers, harvest credentials, and attempt access on the legitimate site. The impersonation stage happens outside the enterprise’s login environment, but the ATO risk appears when stolen credentials, attacker devices, or exposed users reach the legitimate login environment. That distinction matters because brand impersonation and account takeover are often handled as separate problems.
Ransomware Attacks: Evolution, Impact, and Recent Cases
Ransomware is a type of malware that blocks access to a victim’s system or network. Once the attack runs, it can encrypt selected files, lock systems, or disrupt access to business operations. Then, they demand a ransom in exchange for restoring access or providing a decryption key. In many cases, ransomware encrypts files so the victim cannot use them. Some ransomware can also lock systems or disrupt access to business operations.