Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Evil Token: AI-Enabled Device Code Phishing Campaign

On April 6, 2026, Microsoft Defender Security Research published an advisory detailing a large-scale phishing campaign that leverages the OAuth Device Code Authentication flow to compromise Microsoft 365 accounts across organizations globally. This campaign represents a significant evolution from manual social engineering to fully automated, AI-driven attack infrastructure.

Introducing Relay: Verify who you are while keeping your online activity private

Ask anyone what they think when a website requests a driver's license, Social Security number, or email address, and you'll hear the same reaction: "Why do they need that?" It’s a fair question. Not a day goes by without news of another data breach or scam. Many people have either experienced fraud firsthand or know someone who has. While they're more aware of the need to protect their data, they don't feel equipped to actually do it.

AI in the SOC with Joshua Neil

Join us for this week's Defender Fridays as we explore AI in the SOC with Josh Neil, Co-founder of Alpha Level. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

The Golden Throne: Stop Blindly Flushing

Most folks build their SIEM the same way they load a junk drawer: by shoving in whatever they already have—Active Directory, firewalls, and a whole lot of “eh, why not.” But at Graylog, we think you deserve better than a glorified log toilet. In this talk, we’ll flip the script: start with the problems you’re actually trying to solve, then figure out what you need to know, then what data supports that. And with Graylog’s Intelligent Data Routing, you can now act on that plan—sending high-value data to hot storage and archiving the rest to standby storage for when (and if) it’s needed. Build your SIEM like it has a brain—and a budget.

Lightboard Lab: How to Secure Non-Human Identities Against Modern Threats

See how CrowdStrike Falcon Next-Gen Identity Security provides complete visibility, control, and protection across human and non-human identities. By unifying visibility, secure privileged access, and real-time detection and response, CrowdStrike stops identity-driven attacks before they begin.

From Plaintext, to BLESS, to Identity: The Evolution of Secure Remote Access

My first introduction to UNIX remote access was via telnet and rsh protocols in college, which was the standard method at the time. But I soon started reading articles about how easy it was for someone to sniff the network and capture passwords since they were being transmitted in plaintext. On the shared network segments common to university campuses and early enterprise environments, the tools to intercept traffic were freely available, well-documented, and required very little skill to use.

Why You Can't Defend Against Prompt Injection

Prompt injection works because language models struggle to tell the difference between trusted instructions and untrusted user content. Unlike SQL injection or cross-site scripting, there is no clean deterministic defence, which leaves code, libraries and AI workflows open to manipulation at multiple points.

Sybil Attacks Explained: How They Work and Why They Matter

Sybil attacks are well documented in academic research. In practice, most organizations discover them too late, after the fake identities have already accumulated enough network influence to do real damage. The attack does not announce itself. It looks like growth. You see more nodes. More accounts. More participation. All of it is controlled by one attacker running a coordinated identity flood.