Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cato CTRL Threat Actor Profile: ShinyHunters - The Brand That Outlasts the Takedowns

Despite three forum seizures, five administrator arrests across three operations, and the conviction of its founder, ShinyHunters remains active. The real story of ShinyHunters in 2026 is not just persistence, but the evolution of a cybercrime brand that adapts faster than defenders and law enforcement can respond. The 2025–2026 tactics make this persistence especially dangerous. Organizations using Salesforce, Salesloft Drift, Gainsight, or similar third-party SaaS integrations are at risk.

Acronis named a Champion in the Omdia Cybersecurity MSP Ecosystems Leadership Matrix 2026

Analyst firm Omdia has recognized Acronis as a Champion in the Omdia Cybersecurity MSP Ecosystems Leadership Matrix 2026. This distinction is the highest placement in one of the industry’s most closely watched evaluations of cybersecurity vendors serving managed service providers (MSPs). The recognition highlights Acronis’ continued investment in cybersecurity innovation, partner profitability and MSP-focused platform development.

New Abuse of the ClickOnce Technology, Part 2: Stop Threat Actors from Clicking Once and Staying Forever

Following our deep dive into the internals of ClickOnce application deployment in Part 1 of this two-part blog series, let’s focus on the security implications of this technology. In this blog, we examine how threat actors can weaponize ClickOnce features, and we reveal what we believe to be a new abuse that security teams need to be aware of.

New Abuse of the ClickOnce Technology, Part 1: The Inner Workings of ClickOnce Application Deployment

Sharing applications with the world is no easy task. Developers struggle to ensure compatibility across different platforms, vendors continually search for new channels to showcase and distribute their software, and users often encounter hurdles when installing and updating the applications. To help solve this challenge, Microsoft offers multiple solutions including its Microsoft Store, the native Windows Installer component (.msi packages), and a lesser-known but powerful option: ClickOnce technology.

Human-in-the-loop workflows: where intelligent automation meets judgment

Security and IT leaders face a contradictory mandate: move faster with AI and automation while maintaining governance over every action that touches production systems, user accounts, and sensitive data. Most tools force a choice between two failure modes. Either the workflow runs autonomously, and the team hopes nothing breaks, or every action requires manual approval and analysts spend their shifts rubber-stamping low-risk steps until oversight disappears behind a green-checkmark audit trail.

Getting API Credentials Just Got A Lot Simpler

If you've built an integration with Egnyte, you know the process: register at developers.egnyte.com, create an account, wait for approval, and get your credentials. It works, but for admins who simply want to start making API calls against their own domain, the process isn’t simple or fast enough. Starting today, that changes. Egnyte admins can now generate Collaborate API credentials directly from the Egnyte App Store—no external registration, no approval wait, no context-switching.

AI across the security lifecycle

For nearly a decade, the security industry has used machine learning to solve detection. By feeding it enough logs and determining abnormal behaviors, it found the threats that rules-based systems miss. This delivered sharper anomaly detection, fewer false positives, and UEBA is now essential. In fact, threat detection and analytics account for close to 44% of total SIEM spend, the single largest use case by far. Using machine learning for detection was only the start.

Persona supports France and Germany EUDI Wallets for secure, private identity verification

Across Europe, two major regulatory deadlines are arriving that will reshape the mechanics of identity verification for EU-regulated businesses. By the end of 2026, eIDAS 2.0 will require organizations to accept EUDI Wallets for online services where electronic identification or authentication is necessary. That obligation covers state, regional, and local authorities; bodies governed by public law; and certain private entities that are required to provide public services.

Major Security Event: Fortinet VPN Credentials and Configuration Data Exposed for 73,000 Devices

A large-scale credential compromise campaign known as FortiBleed has exposed verified administrator credentials for more than 73,000 internet-facing Fortinet FortiGate firewalls. As of mid-June 2026, the dataset is reportedly circulating within criminal underground communities. Researchers estimate that approximately 50% of all internet-reachable FortiGate devices may be affected across 194 countries, making this one of the most significant Fortinet security incidents to date.

What Canada's Bill C-36 Means for AI-Powered Digital Experiences

As Canada strengthens privacy protections and enforcement, organizations must find a way to accelerate AI innovation while maintaining continuous visibility into how customer data is collected, shared, and protected. Canada’s proposed Bill C-36 is about more than privacy regulation. It reflects a broader challenge facing governments, regulators, and businesses around the world.