Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This week’s briefing covers: Dive deeper: Playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.

Call spoofing allows scammers to disguise their phone number to make it look like it’s from someone you trust. Watch this short video to learn how spoofing works, how to recognize scam calls and how to protect yourself from becoming a victim.

In this video, I explore OpenAI’s Codex CLI tool to see how powerful it really is for coding with AI. But things quickly go off the rails… what started as a simple test ended with a surprise identity verification request. Apparently, to continue using the tool, I need to submit a government-issued ID and a photo of myself—something I didn’t expect at all. I talk through the process, show the error I ran into, and share my honest thoughts on this level of access and how invasive it feels for a developer tool.

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Cisco Network Visibility Module Analytics (NVM): A new analytic story leveraging Cisco NVM telemetry to detect suspicious endpoint network behavior. This release includes 14 new analytics and mapped existing detections covering threats such as insecure curl usage, typosquatted Python packages, abuse of native Windows tools like rundll32 and mshta, and anomalous network connections from uncommon or argument-less processes.

Join security experts Adam White, Chas Clawson, and Seth Williams as they explore how AI-first development is reshaping the way cybersecurity teams build, test, and deploy solutions. Traditional development cycles often leave critical ideas trapped in backlogs, but with Gen-AI and language models, security teams can now move from concept to prototype in hours, not months.

Sumo Logic’s 2025 Security Operations Insights report surveyed 500 IT and security leaders from enterprise organizations to uncover what’s really happening inside today’s SOCs. Join security experts Adam White, David Girvin, and Zoe Hawkins as they break down the top findings from the report and shed light on what every analyst and CISO has felt for years: the system needs a reset.

You’ve been told you need a SIEM. Maybe it was your CISO. Maybe it was your auditor. Maybe your SOC is tired of stitching together logs with duct tape and Python scripts. Doesn’t matter — you’re now on the SIEM buying journey. Congratulations… and condolences. Join security experts, Adam White and David Girvin as they walk through the ultimate playbook for buying your first SIEM without lighting your budget (and your team’s morale) on fire.

Phishing websites are designed to steal your personal information, but you don’t have to fall for them. Watch this short video to learn how to spot a phishing website and avoid getting scammed.

Passwords are a major security risk, but what’s the best way to protect your business? In this video, we break down the difference between passwordless authentication and Multi-Factor Authentication (MFA), how they work and why using both can enhance security.