Insights

From the field

Practical cybersecurity guidance drawn from real-world engagements. No theory. No marketing fluff. Just the things we wish someone had told us 20 years ago.

July 4, 2026

Is Your RMM Verifying Its OIDC Tokens? SimpleHelp CVE-2026-48558 Wasn't

A CVSS 10 auth bypass let attackers forge an OIDC token into a full SimpleHelp technician session, then push malware to every managed endpoint. Patch, hunt the logs, take the RMM off the internet.

Identity Security Network Security Incident Response
July 3, 2026

The Orchestration Layer Is Where AI Finds Bugs: A Tour of Offensive LLM Harnesses

Model choice buys marginal gains. The harness around the model is where offensive LLM bug-hunting capability, cost, and reliability come from - here is a tour of the open-source tools and how to build one.

Offensive Security AI Red Team
July 3, 2026

SharePoint CVE-2026-45659: An Authenticated Deserialization RCE Is Now Under Active Exploitation

An authenticated deserialization flaw in on-prem SharePoint Server is on CISA's KEV list and under active exploitation. Patch, rotate the machine keys twice, and hunt for web shells.

Network Security Incident Response Product Security
July 2, 2026

The Connected-App Blast Radius: How ShinyHunters Turned Stolen OAuth Tokens Into Salesforce Extortion

ShinyHunters is extorting major brands by stealing OAuth tokens from connected apps and reading Salesforce through the API, past MFA entirely. The connected-app inventory and the fix.

SaaS Security Vendor Risk Identity Security
July 1, 2026

Can Ransomware Just Turn Off Your EDR? GentleKiller and the BYOVD Wave

The Gentlemen's GentleKiller framework disables 400+ security products with vulnerable signed drivers before encryption. The controls that make a BYOVD kill fail on a small team's endpoints.

Ransomware Incident Response Endpoint Security
June 30, 2026

Your SIEM Detects in 51 Minutes. Attackers Are Gone in 6.

Attackers reach exfiltration in minutes while the average SIEM takes 51 to alert. Where detection engineering at the source, not more storage, closes the gap for a small team.

SIEM SOC Operations Security Strategy
June 29, 2026

Cursor's Command Allowlist Failed Open (CVE-2026-22708): Why Agent Safe Mode Is the Wrong Trust Boundary

An AI coding agent in safe mode still reached code execution. Why command allowlists are the wrong control for agentic tools, and the containment that holds.

AI Security Architecture Product Security
June 28, 2026

RoguePlanet (CVE-2026-50656): The Unpatched Defender Race Condition That Spawns a SYSTEM Shell

A public exploit for CVE-2026-50656 (RoguePlanet) turns Microsoft Defender into a local path to SYSTEM on fully updated Windows, and there is no patch yet. What it does and what to run now.

Product Security SOC Operations Incident Response
June 27, 2026

Caller-Led Vishing Kits Are Defeating Okta MFA in Real Time

Caller-led phishing kits relay your Okta login live and walk past push and one-time-code MFA. How the kits work, how to hunt the relay in your logs, and the cutover that stops them.

Identity Security MFA Phishing
June 26, 2026

Your Cyber Insurance Renewal Is Now a Security Audit: The 2026 Proof-of-Controls Gap

A paid-up cyber policy can be voided after a breach if you cannot prove the controls you attested to were actually enforced. What changed in 2026, and how to close the gap.

Compliance Enterprise Security Strategy
June 25, 2026

Auditing Your GitHub Actions Workflows for the Cordyceps CI/CD Flaw

A free GitHub account and one pull-request comment can run attacker code in your CI. How to find the Cordyceps pattern in your GitHub Actions workflows and fix it with zizmor.

Supply Chain DevOps Security Open-Source Tool
June 24, 2026

86,644 FortiGate Firewalls Are Leaking Admin and VPN Credentials. Yours Could Be One.

FortiBleed has put valid admin and SSL VPN credentials for 86,644 internet-facing FortiGate firewalls in attacker hands. How to tell if yours leaked and what to reset first.

Network Security Incident Response MFA
June 23, 2026

When the Attacker Is an Agent: Inside the First In-the-Wild LLM-Driven Intrusion

Sysdig watched an LLM agent run a real intrusion from a marimo RCE to a database dump in under an hour. The AI tells and the detections that survive a machine-speed operator.

AI Security Strategy SOC Operations
June 22, 2026

Operation Endgame Cleaned 14,971 WordPress Sites. SocGholish Will Refill Them.

Law enforcement scrubbed SocGholish from nearly 15,000 WordPress sites, but the fake-update access broker rebuilds. The endpoint detection and CMS-hardening playbook.

Ransomware Incident Response Network Security
June 21, 2026

The Klue OAuth Breach: Auditing the Salesforce Connected Apps You Forgot You Approved

A forgotten Klue integration's OAuth tokens pulled Salesforce CRM data for hours. How to inventory, scope, and monitor the connected apps in your own tenant.

Identity Security SaaS Security Incident Response
June 20, 2026

Joomla Content Editor CVE-2026-48907: A Max-Severity Unauthenticated RCE Under Active Exploitation

A CVSS 10.0 unauthenticated flaw in the Joomla Content Editor lets attackers drop a webshell with no login. The mechanism, the patch, and how to hunt for compromise.

Vulnerability Management Web Security Network Security
June 19, 2026

142 Packages in 88 Minutes: The Mastra npm Scope Hijack

A hijacked maintainer account pushed the easy-day-js typosquat into 142 Mastra npm packages in 88 minutes. How the infostealer worked, and how to check your build.

Supply Chain DevOps Security AI
June 18, 2026

Your AI Agents Emit Security Events. Your SIEM Never Sees Them.

AI coding agents and RAG assistants generate security events that never reach your SIEM. The three log surfaces, and the detection rules, that close the gap.

SIEM AI SOC Operations
June 17, 2026

Device-Code Phishing Now Steals Okta and Microsoft 365 Tokens, and Your MFA Never Fires

Kali365's phishing service abuses the OAuth device code flow against Okta and Microsoft 365, taking tokens after a real MFA login. The control that stops it, and how to hunt the tokens already issued.

Identity Security Phishing Active Directory
June 16, 2026

Should Your Veeam Backup Server Be on the Domain? CVE-2026-44963 Settles the Question

A CVSS 9.4 flaw lets a low-privilege domain user run code on the Veeam backup server, but only domain-joined version 12 is exposed. Who must patch now, and the architecture fix.

Vulnerability Management Ransomware Network Security
June 15, 2026

Your SIEM Became the Front Door: Splunk CVE-2026-20253 and the Small-Business Response Playbook

An unauthenticated CVSS 9.8 flaw in Splunk Enterprise 10 lets an attacker write files and run code on the box that watches everything. Who has to patch now, and how to check.

SIEM SOC Operations Network Security
June 14, 2026

You Connected AI Agents to Your Business. Here Is the Security Field Guide for Small Teams.

Small teams wired AI agents into email, files, and code this year through MCP. Here is what the new attack surface means, who it affects, and the short list of controls that matter.

AI AI Automation Product Security
June 13, 2026

Check Point CVE-2026-50751: The VPN Auth Bypass Qilin Used, and Why Patching Was Only Half the Fix

A maximum-severity Check Point VPN bypass was exploited for a month before the patch, and a Qilin ransomware affiliate used it. Who is exposed, and the assume-breach steps to take now.

Network Security Ransomware
June 12, 2026

Ivanti Sentry CVE-2026-10520: Root on Your Edge Gateway, and the Small-Business Patch-Now Playbook

A maximum-severity, unauthenticated flaw lets attackers run code as root on Ivanti Sentry, and exploitation began within a day. Who is affected, and what to do in the three-day window.

Network Security Vulnerability Management
June 11, 2026

Identity Is the Front Door Now: The Enterprise Controls That Stop Attackers, Right-Sized for a Small Business

Two thirds of breaches now start with a stolen login, not malware. Here are the enterprise identity controls that matter most, right-sized for a small business to actually run.

Active Directory Identity Security
June 10, 2026

LiteLLM CVE-2026-42271: The AI Gateway Flaw That Turns a Low-Privilege Key Into Remote Code Execution

An authenticated command injection in LiteLLM, chained with a Starlette host-header bypass, gives unauthenticated remote code execution on your AI gateway. Who is exposed, and how to fix it.

AI Product Security
June 9, 2026

Miasma: The npm Worm That Poisoned Red Hat's Own Packages, and the Small-Business Dependency Playbook

An attacker poisoned 32 Red Hat npm packages that shipped with valid provenance signatures, then stole cloud credentials and spread like a worm. Who is affected, and how to respond.

Supply Chain DevOps Security
June 8, 2026

Everest Forms Pro CVE-2026-3300: The Unauthenticated WordPress Takeover Hiding in Your Contact Form

A critical Everest Forms Pro flaw (CVE-2026-3300, CVSS 9.8) lets attackers run PHP and create rogue admins through a normal form submission. The fix, and how to check if you were hit.

Vulnerability Management Web Security
June 7, 2026

The Unpatched Windows search: URI NTLM Leak, and Why Relay Attacks Are Still the Easiest Way Into a Domain

Microsoft will not patch a Windows search: URI flaw that leaks NTLMv2 hashes. How NTLM relay turns it into domain takeover, the tools pentesters use, and the fix.

Offensive Security Active Directory
June 7, 2026

Logging Without a SIEM: The Small-Business Detection Baseline

What to actually log when you cannot afford a SIEM: the Windows, Microsoft 365, and firewall events worth keeping, and the free tools to centralize them.

SIEM SOC Operations
June 6, 2026

Anthropic's LLM ATT&CK Navigator and ARiES: A Year of AI-Enabled Attacks, Mapped

Anthropic mapped a year of AI-enabled attacks to MITRE ATT&CK and scored each actor with a new metric, ARiES. What the interactive Attack Navigator shows defenders.

Threat Intelligence AI
June 5, 2026

AI-Orchestrated EDR Evasion: Sophos Finds a Claude-Driven Malware Lab, and the Small-Business Endpoint Playbook

Sophos found attackers wiring Claude Opus 4.5 agents into Cursor to mass-produce and test EDR-evasion payloads against Sophos, CrowdStrike, and Defender. Here is the small-business endpoint detection playbook.

Incident Response AI
June 4, 2026

Cisco SD-WAN CVE-2026-20182: A CVSS 10.0 Auth Bypass and the Small-Business MSP Playbook

CVE-2026-20182 is a CVSS 10.0 authentication bypass in Cisco Catalyst SD-WAN Controller and Manager - the box your MSP uses to push policy to every branch - and it is under active exploitation by UAT-8616 with no workaround. Find your exposure, confirm the patched build, and hunt for the persistence.

Network Security Vulnerability Management
June 3, 2026

Netlogon CVE-2026-41089: A Pre-Auth Domain Controller RCE and the Small-Business Patch-Now Playbook

CVE-2026-41089 is a CVSS 9.8 pre-authentication buffer overflow in Windows Netlogon that hands an unauthenticated attacker SYSTEM-level code execution on a domain controller - and Belgium's national CERT says it is already being exploited. Inventory every DC, confirm the May 2026 patch landed, and contain Netlogon before the exploit gap closes.

Active Directory Identity Security
June 2, 2026

ChatGPhish: When ChatGPT Summarizes a Booby-Trapped Page, the Page Is the Payload

Permiso Security disclosed ChatGPhish on May 29, 2026: ChatGPT's page-summary renderer trusts Markdown that rode in from the page it summarized, so any booby-trapped page can render attacker phishing buttons, QR pivots, and silent tracking pixels inside the trusted assistant UI. No email, no attachment - the link is rendered for the user by a tool they trust. This playbook covers the four-move SMB lockdown: inventory shadow AI, move to managed tenants, hunt the beacon in egress logs, and reset the trust assumption with staff.

AI Phishing
June 1, 2026

Install Scripts Are the New Initial Access: A 500-Package npm and NuGet Wave, and the SMB Lockdown Playbook

Between May 27 and 29, 2026, researchers at Microsoft, SafeDep, and Socket catalogued more than 500 malicious npm and NuGet packages, and CISA added three "embedded malicious code" entries to the KEV catalog in a single day. Almost every campaign weaponized the same thing: the preinstall and postinstall lifecycle hooks that run a stranger's code with your cloud and CI/CD credentials in scope. This playbook covers the four-step SMB lockdown - disabling install scripts by default, shutting the dependency-confusion door, scoping CI tokens, and detecting the install-time callout.

Supply Chain DevOps Security
May 31, 2026

PAN-OS GlobalProtect CVE-2026-0257: A Forged Cookie Walks Past VPN Login, and the SMB June 1 Playbook

A forged authentication-override cookie opens a GlobalProtect VPN session with no password, no MFA, and no brute force. CVE-2026-0257 has been exploited since May 17, and CISA set the federal fix deadline at June 1. Because the gpsvc binary decrypts the cookie but never verifies its integrity, any firewall that reuses one certificate for the HTTPS portal and the override feature lets an attacker pull the public key off the TLS handshake and forge a valid admin session. This playbook covers the five-minute exposure check from the firewall CLI, the fixed PAN-OS builds and the two vendor mitigations, and a log hunt for the forged-admin sessions Rapid7 already observed in two waves in the wild.

Network Security Vulnerability Management
May 30, 2026

Trend Micro Apex One CVE-2026-34926: When Your Endpoint Protection Server Becomes the Attacker's Deployment Channel

On May 21, 2026, Trend Micro confirmed in-the-wild exploitation of CVE-2026-34926, a directory traversal in the on-premises Apex One management server, and CISA gave federal agencies until June 4 to patch. The bug lets an attacker who already has a foothold on the server "modify a key table to inject malicious code to deploy to agents" - the console you bought to protect every endpoint becomes the channel that pushes attacker code to every endpoint. Its CVSS reads 6.7 only because the math assumes the attacker already has server admin, which in a real intrusion is the objective, not the starting point. Affected on-prem Windows builds are everything below 14.0.0.17079; the SaaS build was patched by the vendor. The same bulletin fixed seven more agent privilege-escalation bugs, a complete foothold-to-fleet chain. This playbook covers the PowerShell build check that confirms exposure, a console-and-filesystem hunt for deployments and writes you cannot explain, and the three controls - management-plane segmentation, console-admin MFA treated like domain admin, and a KEV-driven patch SLA for security tooling - that shrink the blast radius before the next management-server bug lands.

Incident Response Product Security
May 29, 2026

BadHost (CVE-2026-48710): The Starlette Host-Header Bypass Hiding in Your FastAPI and AI Stack

A malformed HTTP Host header is enough to slip past path-based authentication in Starlette, the ASGI toolkit underneath FastAPI and a long list of LLM inference servers, agent frameworks, and MCP gateways. CVE-2026-48710 ("BadHost"), published May 26 and fixed in 1.0.1, makes request.url.path diverge from the routed path, so any middleware that authorizes on the URL can be bypassed. This playbook covers the one-line curl test that confirms exposure, how to inventory every transitive Starlette in your stack, the code change from request.url.path to the raw ASGI scope path, and a proxy detection for malformed Host headers.

AI Vulnerability Management
May 28, 2026

Nx Console CVE-2026-48027: A Poisoned VS Code Extension, 3,800 Stolen Repos, and the SMB Developer-Secrets Playbook

On May 18, 2026, a trojanized Nx Console build (CVE-2026-48027) sat on the VS Code Marketplace for 18 minutes and drained developer secrets, including 1Password CLI sessions, Anthropic Claude Code config, GitHub, npm, AWS, and Vault tokens, by hiding its payload inside a fake MCP setup task. The same TeamPCP campaign behind last week's TanStack compromise turned one stolen maintainer token into roughly 6,000 activations and helped exfiltrate about 3,800 of GitHub's internal repositories. The SMB read: editor extensions run with full user privileges and nobody reviews them, so the laptop is your real supply chain. The playbook walks through the version check that confirms exposure, the IOC triage script (kitty/cat.py backdoor, __DAEMONIZED processes, the firedalazer C2 channel), the credential-rotation order that puts AI-agent keys first, and the three controls that would have stopped the chain: extension allow-listing, pnpm 10.16 minimum-release-age enforcement, and two-person OIDC publishing.

Supply Chain AI
May 27, 2026

Verizon DBIR 2026: Vulnerability Exploitation Just Took the Crown, and the SMB Patch Window Is Already Lost

On May 20, 2026, Verizon shipped the 19th annual Data Breach Investigations Report and inverted a ranking that had held since the document existed. Vulnerability exploitation is now the top initial breach vector at 31%, ahead of credential abuse at 13%, across a dataset of 31,000 incidents and 22,000 confirmed breaches in 145 countries. The number underneath the flip is the operational one: median time-to-patch a public-facing critical vulnerability hit 43 days in 2025 (up from 32), against an AI-accelerated attacker median time-to-weaponize measured in hours. The KEV remediation-by-deadline rate fell from 38% to 26%. Third-party involvement in breaches jumped 60% year over year. Shadow AI tripled to 45% of employees, with 67% of corporate-device AI traffic running on non-corporate accounts that no DLP rule catches. The SMB read: a 14-day patch clock does not survive an hour-clock attacker, the second-Saturday maintenance window is now actively dangerous for anything internet-facing, and the 2027 DBIR will be written with the decisions made in the next 30 days. The post walks through the five numbers worth memorizing before the next budget review, the PowerShell and jq one-liners that turn the KEV JSON feed into automatic tickets against your inventory, the leadership-dashboard math that converts your last three remediations into the time-to-patch number the cyber-insurance carrier already has, the three-question MFA questionnaire for your top vendors, and the internal 72-hour SLA that puts you ahead of the shortened federal deadline CISA is publicly weighing.

Compliance Security Strategy
May 26, 2026

LiteSpeed cPanel CVE-2026-48172: Any User to Root, and the SMB Hosting-Customer Playbook

On May 21, 2026, LiteSpeed Technologies published a security advisory confirming active exploitation of CVE-2026-48172, a CVSS 10.0 privilege escalation in the user-end cPanel plugin. Any authenticated cPanel user, including an attacker working through a compromised low-privilege account or a credential-stuffed login, can invoke lsws.redisAble through cPanel's JSON-API and execute arbitrary scripts as root on the underlying server. Vulnerable: user-end plugin v2.3 through v2.4.4. Patched: v2.4.7, bundled with WHM plugin v5.3.1.0. The WHM-side plugin is not affected. The Hacker News confirmed in-the-wild exploitation two days after the advisory. NVD published the CVE on May 20 with a 10.0 CVSS 4.0 score and a CWE-266 (Incorrect Privilege Assignment) tag. For an SMB whose marketing site, e-commerce storefront, or WordPress install runs on a cPanel plus LiteSpeed shared host, this is a vendor-risk and credential-rotation problem, not a "patch your server" problem. The patch lives with the hosting provider. The post walks through the technical primitive, a bash hunt script for the published IOC and post-compromise artifacts, the four questions to send your hosting provider tomorrow morning, and the standing controls (cPanel 2FA, port allow-listing, Cloudflare Access fronting) that break the credential-stuffing chain feeding "post-auth" bugs like this one.

Vulnerability Management Network Security
May 25, 2026

Storm-2949 and the SSPR Front Door: The SMB Entra ID Hardening Playbook

On May 18, 2026, Microsoft Threat Intelligence disclosed Storm-2949, a financially motivated actor that turned Self-Service Password Reset into the front door of full Microsoft 365 and Azure compromise. No malware, no zero-day. The actor called the help desk impersonating a target user, walked the agent through the SSPR flow, got an MFA prompt approved through social pressure, reset the password, deleted the legitimate authentication methods, and re-enrolled Microsoft Authenticator on their own device. From there: bulk Microsoft Graph enumeration with a custom Python script, OneDrive and SharePoint bulk download of IT documentation and VPN configs, "dozens" of Azure Key Vault secrets pulled inside a four-minute window, ScreenConnect persistence via Azure VM Run Command and VMAccess extensions, and event log clearing. The whole chain ran on defaults that ship enabled in every Microsoft 365 tenant. SMB Entra ID hardening playbook: scope SSPR away from privileged roles, require two strong methods and pull SMS where workflow allows, gate MFA registration behind Conditional Access requiring a compliant device or trusted network, turn on PIM for every directory role, and enable Key Vault diagnostic logging today. Plus three KQL hunt queries for the SSPR reset-and-re-enroll pattern, bulk Graph reads from a single user session, and rapid-fire Key Vault secret pulls.

Identity Security Entra ID
May 24, 2026

$175K to a Morse-Code Tweet: The Grok Heist and the SMB Agentic AI Excessive-Agency Playbook

On May 4, 2026, a Morse code tweet drained roughly $175,000 from a crypto wallet controlled by xAI's Grok. The attacker first transferred a Bankr Club Membership NFT to Grok's wallet to unlock an "Executive" role that removed transfer caps, then asked Grok to translate a Morse code reply. The decoded instruction told Bankrbot to send 3 billion DRB tokens to the attacker's address. The transaction settled in seconds, with no human-in-the-loop and no anomaly check. The OECD's AI Incidents catalog logged it as 2026-05-04-4a73. The technical lesson is OWASP LLM01 prompt injection through an encoded channel plus LLM06 excessive agency at the action layer. Replace the wallet with a CRM, billing system, or customer data lake and the chain reproduces — and it already does, inside every SMB that has stood up a Copilot agent, Agentforce flow, Power Automate AI Builder automation, Zapier AI step, or custom MCP server. Five-step SMB playbook: inventory every agent and its tool surface, strip unneeded tools at the definition layer, gate every irreversible action behind per-call human approval, treat decoded and fetched content as untrusted input, and log every tool call with a first-seen-target alert.

AI Security Architecture
May 23, 2026

Mini Shai-Hulud Returns: TanStack, OIDC Theft, and the SMB Dev Pipeline Reset

On May 11, 2026, TeamPCP shipped malicious versions of 42 @tanstack/* npm packages, 84 artifacts in total, by chaining a pull_request_target Pwn Request, GitHub Actions cache poisoning, and OIDC token extraction from runner memory. Wiz and StepSecurity tracked the campaign as Mini Shai-Hulud, the third public branch of the Shai-Hulud worm family in nine months. Within 48 hours the compromise had spread to Mistral AI, UiPath, OpenSearch, and Guardrails AI packages, crossing 170 affected artifacts across npm and PyPI. The flagship victim @tanstack/react-router pulls roughly 12 million weekly downloads. The worm exfiltrates GitHub, npm, AWS, GCP, Kubernetes, and Vault credentials, then plants a gh-token-monitor launch agent or systemd unit that wipes the home directory if the stolen token is revoked. SMB dev pipeline playbook: lockfile hunt, IoC SHA-256 grep, do-not-revoke-before-imaging, full credential rotation, and the four CI workflow changes (pull_request_target repo-owner guard, SHA-pinned third-party actions, id-token: none on jobs that do not need OIDC, require-approval for first-time contributors) that would have stopped this exact attack.

Supply Chain DevOps Security
May 22, 2026

Exchange CVE-2026-42897: The OWA Crafted-Email Zero-Day and the SMB Mitigation Playbook

Microsoft disclosed CVE-2026-42897 on May 14, an XSS in Outlook Web Access on Exchange Server 2016, 2019, and Subscription Edition that lets a single crafted email run attacker JavaScript inside an OWA session. CISA added it to KEV the next day with a federal deadline of May 29. By the week of May 18 outlets were running confirmed in-the-wild exploitation. There is no permanent patch; the only protection today is Microsoft's automatic EEMS URL-rewrite mitigation M2.1.x, which is on by default but routinely disabled across the SMB on-prem fleet. The playbook in this article: verify M2.1.x is actually applied with the Exchange Health Checker, force it manually with EOMT.ps1 where EEMS is off, hunt the eight-day open window for inbox-rule forwarding, OWA POST anomalies, and sent-as-victim activity, and have an answer ready for the Exchange 2013 and Subscription Edition migration conversations leadership will have this week.

Vulnerability Management Email Security
May 21, 2026

Apple M5 Kernel Cracked in Five Days With Claude Mythos: The SMB Mac Hardening Playbook

Three researchers at Calif used Anthropic's Claude Mythos Preview to chain two macOS bugs into a working local privilege escalation on Apple M5 silicon, bypassing the brand-new Memory Integrity Enforcement (MIE) hardware mitigation. Bug discovery to root shell took six days. There is no CVE and no patch yet; the 55-page technical report is embargoed pending Apple's fix. Every Mac in your environment running macOS 26.4.1 on M5 sits in a window where a leak or parallel rediscovery turns into a fleet-wide LPE primitive. Five-step SMB Mac hardening playbook: inventory the fleet, enforce automatic updates via MDM, achieve EDR parity with the Windows side, write a kernel-CVE patch SLA, and re-segment privilege on the executives and senior engineers most likely to be targeted. AI-augmented vulnerability discovery just compressed the patching window by an order of magnitude. Mac fleets are part of the patching pipeline now whether the security team treats them that way or not.

Endpoint AI
May 20, 2026

Semantic Kernel's Prompt-to-Shell: CVE-2026-26030, CVE-2026-25592, and the SMB AI Agent Hardening Playbook

Microsoft disclosed two critical Semantic Kernel CVEs on May 7. CVE-2026-26030 (CVSS 9.9) is a Python InMemoryVectorStore eval() injection. CVE-2026-25592 (CVSS 9.9) is a .NET SessionsPythonPlugin arbitrary file write via a helper accidentally exposed as a KernelFunction. Both end the same way: a hostile prompt becomes a process on the host. Upgrade to Python 1.39.4 or .NET 1.71.0, then run the SMB hardening playbook - inventory every decorated function, register a Function Invocation Filter that allowlists file paths, and configure EDR to alert on agent-process child spawning and Startup-folder writes. The tool registry is your attack surface; treat it like a sudoers file.

AI Security Architecture
May 19, 2026

MuddyWater's Chaos False Flag: The Microsoft Teams MFA-Bypass IR Playbook for SMBs

Rapid7 attributed an intrusion that looked like Chaos ransomware to MuddyWater, the Iran-linked APT. The kill chain: external Microsoft Teams chat from a burned tenant, interactive screen-share, user typing credentials into credentials.txt, user adding the attacker's MFA device, DWAgent and AnyDesk persistence, ms_upd.exe pulling Game.exe (a WebView2-masquerading RAT), data exfiltration, no encryption. The Chaos branding was theater. Every step relied on Microsoft 365 defaults SMBs leave on: external Teams chat, end-user MFA self-registration, unrestricted RMM tooling. Here is the IR playbook: KQL hunts for external Teams chats and Entra MFA method adds, EDR indicators for the Rapid7 hashes and the RMM binaries, and five hardening steps (external-access lockdown, Conditional Access on MFA registration, RMM allowlisting, Quick Assist removal, verbal-callback help-desk policy) that close the door at five different layers.

Incident Response Endpoint Security
May 18, 2026

YellowKey: The Unpatched BitLocker Bypass in Windows Recovery and the SMB Lost-Laptop Playbook

Researcher Nightmare-Eclipse published a working BitLocker bypass via Windows Recovery Environment on May 12 -- no CVE, no patch, two minutes with a USB drive. Here is the TPM+PIN enforcement and WinRE hardening playbook for SMBs running Windows 11 on default configuration.

Endpoint Security Vulnerability Management
May 17, 2026

From 14 Days to 72 Hours: CISA's KEV Deadline Squeeze and the SMB Patch Playbook for May 2026

CISA is weighing a 72-hour KEV remediation deadline, down from 14 days, because AI-accelerated exploitation has outrun the old clock. The April 20 and April 24 batches put 12 actively exploited CVEs on the catalog, hitting SimpleHelp (CVSS 9.9), Quest KACE (CVSS 10.0), JetBrains TeamCity, PaperCut NG/MF, Kentico Xperience, Zimbra, Samsung MagicINFO, D-Link DIR-823X, and three Cisco Catalyst SD-WAN Manager flaws. Federal deadlines: April 23, May 4, May 25. None of this is legally binding on SMBs, but the pressure flows downstream through contractor agreements, MSP contracts, and insurance carriers. This is the SMB playbook: automated KEV ingestion via PowerShell or curl + jq, inventory mapping to CISA product strings, triage by exposure not CVSS, compromise checks before patching (SimpleHelp API keys, TeamCity config exports, PaperCut admin user list, Quest KACE admin logins), and a leadership-visible monthly tile that reads zero or has an owner.

Vulnerability Management Compliance
May 16, 2026

The Bitwarden CLI Supply Chain Hijack: 90 Minutes, Shai-Hulud's Third Coming, and the SMB Dev Pipeline Playbook

For 90 minutes on April 22, 2026, the official @bitwarden/cli npm package was a credential stealer. The Shai-Hulud worm fetched the Bun runtime to bypass Node-based EDR, harvested AWS, Azure, GCP, GitHub, npm, SSH, and AI-tooling credentials (MCP server configs, Cursor and Claude tokens), and exfiltrated loot through public GitHub repos labeled "Shai-Hulud: The Third Coming." Bitwarden's vault and production systems were untouched - the build pipeline was the entire failure. Here is the 30-minute SMB triage (hunt the malicious version, hunt the public-repo IOC, rotate burned secrets) and the longer-form playbook: pinned installs with integrity hashes, a 48-hour registry cooldown, sandboxed preinstall hooks, short-lived scoped credentials, egress allowlisting on build runners, and recurring exfil-pattern monitoring with free tooling.

Supply Chain DevOps Security
May 15, 2026

One Phone Call to 5.5 Million Records: The ADT Vishing Breach and the SSO Blast-Radius Problem SMBs Share

ShinyHunters called an ADT employee, impersonated IT, walked away with an Okta SSO account, pivoted into Salesforce, and exfiltrated 11 GB of customer data covering roughly 5.5 million accounts. No exploits, no malware, no zero-day. The exact same call script works against a 200-person SMB with the same SSO-in-front-of-SaaS topology. Here is what the attackers actually did, why standard MFA did not stop them (they reset it, they did not bypass it), and a five-step hardening playbook: vishing-resistant help-desk verification, phishing-resistant MFA on the accounts that matter, OAuth and session hunting in Okta/Entra/Salesforce, scoped SSO blast radius, and a quarterly vishing drill against your own help desk.

Identity Security SSO
May 14, 2026

The Mexico AI Breach: What 195M Records Lost to Claude and ChatGPT Mean for SMB Defenders

One operator, two consumer AI subscriptions, six weeks, nine Mexican government agencies, and roughly 195 million taxpayer records exfiltrated. Gambit Security recovered 1,088 operator prompts that generated 5,317 AI-executed commands, 400+ custom attack scripts, and a 17,550-line Python tool that piped server telemetry through OpenAI to auto-write 2,597 intelligence reports. The point for SMB defenders is not the target. It is the labor cost: campaigns that previously required a six-person team now collapse into one person plus an API key. Here is the five-step detection and hardening playbook: AI egress visibility, endpoint AI inventory, behavioral baselines on admins, edge and identity hardening, and an AI-use policy your security stack can actually enforce.

AI Security Incident Response
May 13, 2026

BlueHammer, RedSun, UnDefend: The Defender Zero-Day Cluster SMB Hardening Guide

Three Windows Defender local-privilege-escalation exploits dropped in 13 days. BlueHammer (CVE-2026-33825) is patched and on CISA's KEV list; RedSun and UnDefend remain unpatched. Huntress observed all three abused in the wild during the BeigeBurrow tunneling-agent campaign, and the public BlueHammer PoC sits two commented lines away from full SAM, SYSTEM, and SECURITY credential extraction. Here is the five-step hardening playbook: verify the April cumulative and signature freshness, enforce Tamper Protection and the Secure Score Defender items, stage ASR rules from Audit to Block, deploy KQL detection rules for junction abuse and post-remediation writes to System32, and wire Defender health into your alert pipeline.

Endpoint Security Defender
May 12, 2026

Adaptavist via TheGentlemen: The Atlassian Marketplace SMB Playbook

TheGentlemen RaaS claims a complete infrastructure compromise at Adaptavist, the platinum Atlassian partner behind ScriptRunner: source code, 484,220 HubSpot CRM records, 3+ TB of Nexus secrets and Helm charts, Kubernetes config, OAuth credentials, a Snowflake warehouse, 100 GB of Confluence. Most coverage is about the Fortune 500 names on the customer list. The real exposure surface is every SMB on Jira or Confluence running any Marketplace add-on. Here is the four-step playbook: inventory connected apps and scopes, rotate sharedSecrets and 3LO grants, audit 70 days of admin and ScriptRunner activity, and set the durable Marketplace posture.

SaaS Security Supply Chain
May 11, 2026

Vercel via Context.ai: The AI OAuth Supply Chain Playbook for SMBs

A Lumma Stealer infostealer landed on a Context.ai engineer's laptop, harvested an "Allow All" Google Workspace OAuth refresh token, and two months later that token was used to read mail and Drive for Vercel and dozens of other enterprises. The compromised Client ID 110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj.apps.googleusercontent.com makes this a hands-on IOC, not a theoretical risk. Here is the four-step audit covering OAuth grant inventory, scope cleanup, third-party app posture management, and durable AI-vendor due diligence that every SMB Workspace and Microsoft 365 tenant can run this week.

AI Supply Chain AI
May 10, 2026

PAN-OS CVE-2026-0300 Captive Portal RCE: The Pre-Patch SMB Playbook

225,000 internet-facing PAN-OS firewalls are exposed to a CVSS 9.3 unauthenticated root RCE in the Captive Portal, with state-sponsored cluster CL-STA-1132 already exploiting it and patches not arriving until May 13 to May 28. Here is the five-step pre-patch playbook covering exposure check, Palo Alto's two workarounds, the prior-compromise hunt against firewall traffic and threat logs, the patch train timing, and the durable edge-management posture changes that pay off across every future PAN-OS advisory.

Network Security Vulnerability Management
May 9, 2026

Canvas/Instructure Breach: 275M Records and the SaaS Vendor Concentration Lesson

ShinyHunters stole 3.65 terabytes from Canvas affecting 9,000 schools and 275 million users, with a May 12 ransom deadline mid-finals week. The real story is not Canvas. It is what every SMB should do about the SaaS vendor that sits in the middle of their operation. Here is the four-layer playbook covering vendor inventory, API key rotation drills, SSO hardening against ShinyHunters tradecraft, and SaaS-to-SaaS boundary monitoring.

SaaS Security Vendor Risk
May 8, 2026

Entra Agent ID Administrator: When an AI Role Owns the Whole Tenant

Microsoft's Agent ID Administrator role let any holder take over arbitrary service principals, and the takeover primitive worked across 99 percent of tenants. Microsoft patched it server-side on April 9, but the audit window for whether anyone walked through the door first did not. Here is the 60-day Sentinel KQL hunt, the privileged service principal inventory commands, and the architecture lesson about ownership as a takeover path.

Identity Security AI
May 7, 2026

Copy Fail (CVE-2026-31431): A 732-Byte Python Script Roots Linux

Deterministic Linux kernel local privilege escalation that fires on the first try across every distro shipped since 2017, and acts as a container escape on Kubernetes nodes. CISA added it to KEV one day after disclosure. Here is the patch sequence, the algif_aead mitigation, and the auditd/Falco detection rules you can deploy this week.

Endpoint Security Vulnerability Management
May 6, 2026

cPanel CVE-2026-41940: A CRLF Injection That Owns 1.5 Million Hosts

CVSS 9.8 pre-auth root on cPanel and WHM, exploited as a zero-day for two months before the patch. 70 million domains affected, 1.5 million internet-exposed instances, and MSPs are the soft target. Here is the patch sequence, the IOC hunt, and the architectural lesson about internet-exposed admin panels.

Web Security Incident Response
May 5, 2026

LiteLLM CVE-2026-42208: When the AI Gateway Becomes the Cloud Account

Pre-auth SQL injection in LiteLLM (CVSS 9.3) was exploited within 36 hours of disclosure. The proxy stores OpenAI, Anthropic, and AWS Bedrock credentials in one row. The blast radius is closer to a cloud-account compromise than a typical web SQLi. Inventory, patch, rotate, and stop letting AI tooling become the new shadow IT.

AI Application Security
May 4, 2026

CVE-2026-32202: APT28's Zero-Click NTLM Theft Through an Incomplete Patch

CISA gave federal agencies until May 12 to patch CVE-2026-32202, a Windows Shell flaw exploited zero-click by APT28 to steal NTLMv2 hashes. The CVSS 4.3 score badly understates the risk: a malicious .library-ms file dropped in any browsed folder triggers outbound SMB to attacker infrastructure. Here is the SMB-grade hardening playbook.

Endpoint Security Incident Response
May 2, 2026

CVE-2026-3854: One git push Owns GitHub Enterprise Server. 88% Still Unpatched.

A single git push command achieves arbitrary code execution on GitHub Enterprise Server. Wiz disclosed it April 28. CVSS 8.7. Eighty-eight percent of GHES instances are still vulnerable. Here is the SMB playbook to verify your version, audit push access, and close the trust boundary.

Application Security Supply Chain
April 28, 2026

Comment and Control: One Prompt Injection Hits Claude Code, Gemini CLI, and Copilot

A single prompt injection broke three of the most widely deployed AI coding agents using nothing more than a PR title or a hidden HTML comment. CVSS 9.4. Zero CVEs. Here is the SMB playbook to audit your CI secrets and rotate before the next pull request.

AI Security Architecture
April 27, 2026

SimpleHelp + DragonForce: When Your MSP's Remote Tool Becomes the Ransomware Vector

CISA added two SimpleHelp CVEs to KEV on April 24. DragonForce ransomware has been weaponizing the chain against MSP customers. Here is the practical SMB playbook — including the five questions to ask your MSP — for the May 4 deadline.

Ransomware Incident Response
April 22, 2026

Deepfake Executive Impersonation: The SMB Verification Playbook for 2026

Voice cloning takes three seconds. Vishing surged 442%. Here is the practical four-control playbook SMBs need before their finance team gets the next deepfake CFO call — with a 30-day rollout plan.

Incident Response AI
April 21, 2026

Apache ActiveMQ CVE-2026-34197: The 13-Year-Old Jolokia RCE Hiding in Your Middleware

A CVSS 8.8 RCE chained through Jolokia and Spring XML sat in ActiveMQ for 13 years. Here is how the exploit works, how to detect it, and how to patch before April 30.

Security Architecture Network Security
April 20, 2026

Inside the Axios Supply Chain Attack: How North Korea Weaponized npm Against 100 Million Developers

A North Korean state actor compromised the most-used npm HTTP library. How the attack worked and how to harden your pipeline.

Product Security Security Architecture
April 19, 2026

Securing MCP Servers: The Attack Surface Nobody Is Auditing in Your AI Agent Stack

MCP connects your AI agents to everything. Five attack layers, a real CVE, and the hardening checklist your team needs.

AI Security Architecture
April 18, 2026

BlueHammer, RedSun, UnDefend: Three Windows Defender Zero-Days and How to Protect Your Endpoints

Three zero-day exploits targeting Windows Defender dropped in 13 days. How they work and what to do about it.

Offensive Security Endpoint Security
April 16, 2026

AI Packet Analyzer: Open-Source Network Forensics That Replaces Hours of Wireshark Work

We built an open-source CLI tool that analyzes pcap files using heuristic AI and optional LLM integration. It runs 20+ automated checks for connectivity troubleshooting and security auditing — delivering severity-ranked findings in seconds, not hours.

Open-Source Tool Network Security AI-Powered Defense
April 3, 2026

How Claude Code + SIFT Workstation Cuts Incident Response from Hours to Minutes

Rob T. Lee demonstrated at [un]prompted 2026 how Protocol SIFT reduces full forensic investigations from a full day to 14 minutes. Your adversary has an AI. You have tab-completion. Here is what to do about it.

AI-Powered Defense Incident Response DFIR
April 2, 2026

AI Agents in the SOC: Automating Repetitive Security Operations Without Losing Control

Your SOC analysts spend 70% of their time on repetitive tasks that an AI agent could handle. Here is how to deploy LLM-powered automation for alert triage, IOC enrichment, and playbook execution — with the guardrails that keep humans in control.

AI Automation SOC Operations
April 2, 2026

Building an Autonomous AI Agent for Compliance Control Testing: A Practical Guide

Manual control testing is expensive, slow, and error-prone. Here is how to build an LLM-powered agent that queries your cloud APIs, validates security controls, and generates audit-ready findings — with architecture, code, and guardrails.

AI Automation Compliance
April 2, 2026

Building a High-Fidelity Detection Library in Splunk: From Noisy Alerts to Actionable Intelligence

Risk-Based Alerting, detection-as-code, and correlation searches that actually catch threats. A deep guide to building a Splunk detection library that your SOC can trust.

SOC Operations Splunk
April 2, 2026

Splunk on a Budget: How to Cut Log Volume by 60% Without Losing Visibility

Splunk licensing costs are killing your budget. Here is how to use transforms.conf, props.conf, and smart data architecture to slash ingestion volume while keeping the data that actually matters for detection.

SIEM Splunk
April 2, 2026

Hybrid Identity Under Attack: Securing the Bridge Between On-Prem AD and Entra ID

Entra Connect is the most privileged service account in your environment and the most overlooked. Here is how attackers exploit hybrid identity infrastructure and how to harden it.

Identity Security Active Directory
April 2, 2026

Hunting for Threats in Entra ID: Sign-In Logs, Audit Logs, and What They Actually Tell You

Seven ready-to-use KQL queries for hunting token theft, AiTM phishing, privilege escalation, and OAuth abuse in your Entra ID environment using Microsoft Sentinel.

SOC Operations Entra ID
April 2, 2026

Entra ID Security Hardening: 15 Settings Every Tenant Should Lock Down Today

PIM, app registrations, consent permissions, cross-tenant access, and 11 more tenant-level settings that most organizations leave at their insecure defaults. Portal paths and PowerShell for each.

Identity Security Entra ID
April 2, 2026

Securing Active Directory Certificate Services: The Attack Surface Nobody Audits

AD CS is deployed in nearly every enterprise and almost never audited. ESC1 through ESC8, Golden Certificates, and the hardening steps that actually matter.

Active Directory Offensive Security
April 2, 2026

How to Attack-Test Your Own Domain Controllers Before an Adversary Does

PingCastle, Purple Knight, BloodHound CE, and Testimo — a purple team self-assessment toolkit for validating your AD security posture before the next pen test or real attacker finds the gaps.

Offensive Security Active Directory
April 2, 2026

Hardening Domain Controllers: The 10-Point Checklist Most Companies Skip

Tiered admin model, LSA Protection, Credential Guard, LDAP signing, KRBTGT rotation, and 5 more DC-specific hardening steps with the PowerShell commands to implement each one.

Active Directory Security Architecture
March 30, 2026

Your Company Just Got Hit with Ransomware: A 48-Hour Survival Playbook for SMBs

Recovery costs average $1.53 million. Downtime averages 24 days. 60% of small businesses that suffer a ransomware attack close within 6 months. Here is the hour-by-hour incident response playbook that determines whether your company survives.

Security Strategy Ransomware Incident Response
March 23, 2026

MFA Is Not Enough: How Attackers Bypass Multi-Factor Authentication and What to Do About It

AiTM phishing attacks surged 146% in one year. Traditional MFA protects the login moment but not the session that follows. Here are the five bypass techniques we see in real engagements and a phased deployment roadmap for phishing-resistant authentication.

Identity Security MFA Phishing
March 12, 2026

5 Active Directory Misconfigurations We See in Every Engagement

After hundreds of assessments, the same identity-based attack vectors keep showing up. Here are the five AD misconfigurations that put your entire organization at risk — and how to fix them before an attacker does.

Active Directory Identity Security
February 18, 2026

What Fortune 500 Security Teams Actually Look for in Vendor Products

We've been on the buyer side for 20+ years. Here's what actually gets your product through enterprise security review — and what gets it rejected before anyone even reads your pitch deck.

Enterprise Product Security
January 9, 2026

How to Reduce SIEM Alert Noise by 80%

Your SOC doesn't have a staffing problem — it has a signal-to-noise problem. Here's our framework for auditing detection rules, eliminating false positives, and restructuring your alert pipeline.

SIEM SOC Operations
December 5, 2025

Why Your Penetration Test Report Is Useless (And What to Ask For Instead)

Most pen test reports are 100-page PDFs that nobody reads. We break down what a useful offensive security engagement actually delivers — and the questions you should be asking before you sign the SOW.

Penetration Testing Red Team
November 14, 2025

Azure AD Conditional Access Policies Most Companies Get Wrong

Conditional Access is one of the most powerful security controls in the Microsoft ecosystem — and one of the most misconfigured. Here are the policy gaps we find in nearly every Entra ID environment we assess.

Azure AD Entra ID