Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SophosLabs analysts investigated WantToCry ransomware attacks that involved the threat actors abusing the Server Message Block (SMB) service for initial access and then exfiltrating files to attacker-controlled infrastructure for remote encryption. The detection surface is significantly reduced because WantToCry operates without local malware execution, and there is no post-compromise activity beyond exfiltrating files and rewriting them to disk.

Shai Horovitz is the CEO of JIT, bringing a wealth of experience across business, technology, and security.

This article was originally published in TechRadar Pro. The Iran conflict is serving as an AI testbed for the next era of cyber conflict. Most organizations are watching the tactics and impact unfold with cybersecurity defenses that are simply not prepared for this level of sophistication. Meanwhile, technology leaders are seeing AI as both their biggest opportunity and a major new attack vector.

When the US Center for AI Standards and Innovation (CAISI) asked for public input on securing agentic AI systems, the response was massive: over 500 detailed submissions from Fortune 500 companies, defense contractors, AI startups, and cybersecurity firms. The result is substantial insight into how industry views the regulatory challenges of autonomous AI agents and what they think policymakers should do about it.

Your AI agents had a productive day. Nobody can tell you what data they touched. A developer opens Cursor and connects it to a GitHub MCP server and a Postgres MCP server. The agent reads the repo to understand a schema change, finds an AWS access key in a config file, and uses it to run a migration against staging. The key now lives in the agent's context, in the Postgres query log, in the chat history, and in whatever artifact the developer copies out. No alert fired. No policy triggered.