Pre-release discount: Practical risk management using the NIST CSF 2.0
The NIST 2.0 Cybersecurity Framework delivers clear guidance on applying the gold standard NIST framework in complex, real-world situations.
Hackers turned to AI in attempted mass cyberattack, Google reveals
Trump's planned AI-enabled cyber EO stops short of requirements, German authorities shut down relaunched Crimenetwork, L3 Trenchant zero-day peddling exec order to pay $10m, Poland has thwarted many Russian sabotage efforts, IMF warns of financial shock from AI-enabled cyberattacks, much more
How ordinary tech becomes surveillance infrastructure: Best infosec long reads 5/9/26
How Israeli telecom networks were used for surveillance, Everyday objects are now surveillance devices, AI's risks demand careful human oversight, Hackers can take over smart lawn mowers' cameras and controls, Fears of AI tap into old cultural stories
Canvas chaos: ShinyHunters breach throws schools into disarray
Firefox bug fixes soar after using Mythos, Virginia man found guilty of destroying government databases, OpenAI rolls out GPT 5.5 to vetted cyber defenders, PCPJack steals cloud creds while removing TeamPCP access, Ivanti urges patches for Endpoint Manager Mobile (EPMM) zero day bug, much more
Russia’s hidden hacker academy exposed in massive document leak
US-China weigh AI risk talks, Wiles says Trump won’t pick AI winners, Vibe-coded apps lack security, GothFerrari fraudster gets 78 months, MuddyWater masks ops as Chaos ransomware, Phishing hits ManageWP via Google-sponsored search ads, Japan urges CI to do cyber better, much more
US taps Microsoft, Google, xAI for pre-release AI testing as threat worries grow
FTC to ban Kochava from selling location data, State officials urge AI companies to include them in early-access testing, CISA wants CI firms to plan for essential service disconnection, DAEMON Tools software delivered backdoor to thousands, Breach forced Coupang to lose money, much more
Trump eyes AI crackdown after hands-off push falters
EU is talking with Anthropic to test banks with Mythos, DHS intelligence office staff failed to secure smartphones, A Latvian was sentenced to 8.5 years for role in Karakurt ransomware, A Romanian was indicted for bank fraud scheme dating to 2009, CISA unveils CI Fortify for CI entities, much more
Five Eyes warn that agentic AI is already in critical systems—and security isn’t keeping up
Trellix hit by significant breach, 15-year-old was busted for French gov't hack, CISA warns of Copy Fail exploits in the wild, Defender flags some legit DigiCert root certs as malware, Sri Lanka arrests 37 Chinese cyberscam operators, US health insurance exchanges share data with big tech, much more
The new infosec battleground is human: This week's best infosec long reads 5/2/26
Journalist surveillance is a global industry, China retaliated against reporters through surveillance, AI jailbreaking takes a toll on the soul, Fraudsters targeted vulnerable immigrants, DHS has built a vast surveillance system, Memory-safe programming languages are critical to AI attack defense
GPT-5.5 aces UK cyber trials, tops rivals in AISI tests
NSA is testing Mythos, Anthropic publishes Claude Security for Claude Enterprise, Flock spied on a kid's gym room, DPRK hackers have stolen $577m in crypto year-to-date, Rhysida demands ransom from Stelia Aerospace NA, Two ransomware negotiators sentenced to prison, much more
Nine Dubai scam centers raided in joint US-China operation, 276 arrested
White House opposes Anthropic's expansion of Mythos access, Oz government warns banks on AI cyberattacks, Ukraine arrests three people who allegedly hacked 610k+ Roblox accounts, European celebrity exposed cloud repo with 90k stalkerware screenshots, Chinese hackers breached Cuba's embassy, more
Scattered Spider’s ‘Bouquet’ nabbed after globe-trotting luxury hacker spree
White House is trying to get Anthropic back on board while lawmakers come up to speed, Paragon not cooperating with Italian prosecutors, Polymarket denies breach reports, Syndicate was hacked for about $400k, FIDO Alliance forms AI agent standards groups, Vimeo admits breach through, much more