Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

FortiClient EMS Exploited via CVE-2026-35616 to Deliver EKZ Infostealer Disguised as a Fortinet Patch

May 27, 2026 By Arctic Wolf Labs In Arctic Wolf
In May 2026, Arctic Wolf observed a cluster of malicious activity affecting endpoints managed by FortiClient Endpoint Management Server (EMS). The malicious payload was disguised as a fake Fortinet endpoint patch, but it was actually a credential stealer. We named this payload EKZ Infostealer, based on internal symbol names extracted from decrypted code.
Read Post
Arctic Wolf

How AI Is Transforming Detection Engineering

May 20, 2026 By Joshua Riccio In Arctic Wolf
One of the most important shifts AI enables in detection engineering is changing where engineers spend their time. Traditionally, a significant portion of detection development effort is consumed by implementation details: writing complex SQL queries, building enrichment pipelines, handling edge cases, tuning rule logic, writing tests, documenting detections, and repeatedly iterating on detection logic. Those tasks are necessary, but they are also time-consuming.
Read Post

Arctic Wolf: A Higher Standard

May 20, 2026 By Arctic Wolf Networks In Arctic Wolf
Powering modern security operations with AI is no longer optional. It’s essential. The Aurora Superintelligence Platform is built for the AI era, combining specialized AI agents, real-world security data, and human expertise to deliver outcomes security teams can trust. At its core, the Swarm of Experts, Security Operations Graph, and AI Trust Engine work together to drive faster detection, more accurate investigations, and more decisive response across the attack surface.
View Video
Arctic Wolf

Accelerating Cloud Security Outcomes Together: Why Arctic Wolf and Wiz are Redefining What's Possible

May 18, 2026 By Sean Phillips In Arctic Wolf
Across every industry, one thing has become abundantly clear: Cloud security has never been more critical, nor more complex. Organizations are scaling cloud environments faster than ever, but the explosion of identities, configurations, and services has created an attack surface that traditional approaches simply can’t keep up with. Teams are drowning in alerts, struggling to identify which issues matter, and facing increasing pressure to respond to threats with limited resources.
Read Post

How to Integrate ITSM in Aurora Vulnerability Management for Better Visibility & Faster Remediation

May 18, 2026 By Arctic Wolf Networks In Arctic Wolf
See how Arctic Wolf Aurora Vulnerability Management turns risk visibility into remediation through seamless integrations with partners like ServiceNow and ConnectWise. This demo shows how automated ticketing, unified workflows, and prioritized findings help security and IT teams accelerate remediation without added workload.
View Video
Arctic Wolf

Turning Security Telemetry Into Actionable Insights

May 15, 2026 By Arctic Wolf In Arctic Wolf
Modern security environments generate enormous volumes of telemetry. Authentication events from identity platforms, API activity from cloud services, endpoint security logs, email interactions, and network traffic can all flow into centralized systems. For most organizations, the challenge is no longer data collection. The real problem is extracting meaningful insight from that data without overwhelming analysts or introducing operational friction.
Read Post
Arctic Wolf

OpenAI Daybreak and the Future of Secure Software Development

May 15, 2026 By Dan Schiappa In Arctic Wolf
OpenAI recently introduced Daybreak, a cybersecurity initiative designed to apply frontier AI models to vulnerability discovery, secure code analysis, and earlier remediation across the software lifecycle. By combining advanced reasoning and planning capabilities, Daybreak aims to help organizations identify and address weaknesses before they reach production. This is a meaningful step forward, but it is also a continuation of a long-standing approach.
Read Post

The Howler Episode 30 - Will May, Chief Revenue Officer

May 14, 2026 By Arctic Wolf Networks In Arctic Wolf
This month, we sit down with Will May, our new Chief Revenue Officer. Take a listen to get to know Will, his leadership philosophy, how he's using AI in his every day, and so much more! Will brings more than 15 years of go-to-market leadership experience across high-growth software, cybersecurity, and cloud technology companies. He has built a strong reputation for helping organizations adopt innovative technologies—including AI-driven platforms—to improve operational efficiency, reduce complexity, and deliver measurable business value.
View Video
Arctic Wolf

Detecting Identity Attacks at Scale with Herd Immunity

May 14, 2026 By Trevor Daher and Joshua Riccio In Arctic Wolf
Modern identity‑based attacks often rely on shared infrastructure and reusable attack frameworks, rather than bespoke tooling built for a single target. Phishing kits and phishing‑as‑a‑service (PhaaS) platforms are the clearest example of this model — and today they are the most prevalent sources of account compromise across organizations of all sizes. Device code phishing illustrates how quickly this model evolves.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.