We are leaders in finding and mitigating cybersecurity risks that others miss.
Joined October 2009
- Tweets 501
- Following 229
- Followers 165
- Likes 79
188 Photos and videos
(1/2) Microsoft Exchange has an actively exploited zero-day โ CVE-2026-42897 โ with no permanent patch. Next Patch Tuesday isn't until June 10. This CVE affects Exchange 2016, 2019, and SE. It's serious enough that the CISA deadline for federal agencies to take action is tomorrow.
1
1
1
111
(2/2) Exploitation only requires a recipient opening a crafted email in OWA. Interim mitigation is available via Microsoft's EEMS for on-prem deployments. Get our breakdown and analyst notes, along with other threats you should know about: hubs.la/Q04jfQFV0
1
1
26
1
1
57
Claude Security opened up for public beta last week. It's supposed to find the flaws and write the patches. But tech is only one part of the problem. What it doesn't do: review, validate, approve, or scan anything outside the codebase. Find out if your security program is ready, with our 3-minute assessment:
hubs.la/Q04f8v9J0
1
1
38
Threat actors are using fake Zoom, Teams, DocuSign, and Adobe links to install ScreenConnect, pre-configured for attacker-controlled C2. It's active now, and we've seen a spike recently.
To do: Block .exe/.msi downloads for non-IT users. Restrict local admin rights. Flag any RMM software your team didn't provision. ๐งต
1
1
1
56
Shock Hosting (ASN395092) is the consistent infrastructure link โ blocking it will reduce risk with minimal disruption. Get the details in our threat brief: hubs.la/Q04f8Vv60
1
1
10
CVE-2026-4190 is being exploited in the wild. cPanel/WHM auth bypass. No credentials needed to gain full admin access. Patch now โ don't wait for a maintenance window. If your server was internet-facing before patching, treat it as potentially compromised. Rotate all admin root credentials, audit SSH keys and config files, and restrict management access to known IPs or VPN.
1
1
1
118
Our team alerted clients to this earlier this week. If you're unsure whether your environment is affected, reach out โ we'll follow up promptly.
Get our regular weekly threat brief to find out about other risks you should be watching: hubs.la/Q04f8Vv60
1
1
27
Most security leaders have some version of the same answer when asked about #Mythos right now: "We're keeping an eye on it." Keeping an eye on something isn't the same as knowing where you stand. Our Mythos Readiness Assessment was built to close that gap. Based on the CSA Priority Actions framework, takes about 5 minutes, and gives you a concrete picture of where your security program stands against what AI-driven threats look like in practice. Take the Mythos Readiness Assessment: hubs.la/Q04dsGFq0
18
OSec's Weekly Threat Brief is out.
Adobe Acrobat zero-day actively exploited since December.
Two unpatched Windows Defender privilege escalation bugs.
n8n Cloud hijacked to deliver malware.
Supply chain phishing targeting developers on Slack.
Get the brief IOCs remediation guidance here โ hubs.la/Q04dhbYM0
106
The 2014 Sony Pictures hack showed what's at stake when IP gets exposed. Now imagine that risk multiplied across 200-400 vendors, which is how many third parties are part of a major production. Each running AI tools, ingesting sensitive data, with no real governance or risk management. That's Hollywood's supply chain today. Read our thoughts on the risk and solution: hubs.la/Q04d53xl0
#MediaSecurity #SupplyChainRisk #AIRisk
27
Iranian hackers in OT systems. AI phishing bypassing MFA. An unpatched Windows zero-day. Chinese espionage across Europe. That was just last week.
Get the brief IOCs actionable guidance: hubs.la/Q04cL1FR0
#threatintel #threatintelligence #cybersecurity
1
28
If Mythos were actually as dangerous as claimed, announcing it publicly would be unconscionable. "We built the doomsday weapon!" is not responsible disclosure. So let's maybe pump the brakes on the apocalypse.
Still, orgs will need to figure out where they stand and if they can deal with the flood of disclosures, vulns, and patches that will overwhelm them.
That's why we built this readiness assessment. 3 minutes. Find out if you're ready for the flood: hubs.la/Q04cKMvn0
30
Major educational institutions have been hit by cyberattacks in the last few months, including Harvard, UPenn, and Columbia. Education ransomware is up 23% year over year. We tracked the data, named the groups, highlighted what you can do to protect your organization, and put it in one place.
Get our Education Sector Threat Brief today: hubs.la/Q04bHvk90
#CyberSecurity #Education #Ransomware #K12Security #ThreatIntel
29
Your phishing simulation is a training metric, not a security metric. There's a difference, and it's a big one when someone is actually trying to breach your org. Real social engineering testing covers 3 dimensions:
โ Physical (tailgating, badge cloning)
โ Technical (vishing, MFA bypass, credential harvesting)
โ People (pretexting, vendor impersonation, helpdesk manipulation)
Find out more in our latest blog post: hubs.la/Q04bs3m40
#phishing #socialengineering #pentesting
ALT Image showing a central red female icon surrounded by concentric circles with connecting lines extending to various colored dots. Represents network connections radiating from a central individual, highlighting relationships or influence within a system.
16
NERC CIP-003-11 is approved. The deadline for compliance is May 26. But deploying security into legacy OT environments isn't easy. And the standard has a lateral movement gap that's critical. Compliant โ secure. Get our analysis on this new standard and what you need to do before the deadline:
hubs.ly/Q04br0rC0
ALT Illustration of interconnected control panels and monitors displaying various charts and data visualizations, representing an industrial or energy management system
1
1
25
6 active threats your security team needs on their radar this week, from Citrix to F5 to Cisco & more. Get the public threat brief with YARA rules & more: hubs.la/Q04brJYJ0 #threatintel #cybersecurity
1
1
102
The Stryker wiper attack hit 200K systems across 79 countries. That was over a week ago. Cyber news has moved on, but the impact is still happening. Full breakdown, including news on BlackSanta, Storm-2561, & critical n8n flaws, here: hubs.la/Q047QVSt0 #ThreatIntel #InfoSec
156
Your AI scanner found thousands of vulnerabilities. But can it tell you which ones are actually exploitable in your environment โ and whether the fixes worked? Discovery without validation is just expensive noise. New post why the validation layer matters: hubs.la/Q047zm9x0
1
1
21