The 2026 FIFA World Cup kicked off on June 11th across the United States, Canada, and Mexico. Six million fans are expected to attend, and millions more will hunt online for tickets, streams, and jerseys. Scammers prepared for this moment too. The FBI and several research teams report thousands of fake FIFA websites, malicious streaming […]

Google has built and released a new cookie protection measure that makes stolen session cookies useless on any other device for websites updated to support this approach. Here is what it does, who it helps, and what to do right now. The Short VersionInfostealer malware does not need your password or even your MFA Codes. […]

New benchmark data names MDASH and Claude Mythos Preview are the top AI agents finding zero-day vulnerabilities of 2026. They find software bugs better than any human can, in less time, with more proof than every before. Here is what that means for your organization, and what you can do about it today. AI Vulnerability […]

One Forgotten Password, Almost a Catastrophe A single Windows machine at a retail store location had a cached AWS access key sitting on it. Nobody put it there on purpose. A user logged in, AWS stored the key automatically, and life moved on. No alarms, no policy violations, no red flags. Except that one key, […]

You now have five important reasons to start a router security conversation with your small business clients this week, especially those with work-from-home staff members. One of them has Russian military intelligence in the headline. This is your overview, talking points, and action plan. Why router security is front and center right now The FBI […]

OAuth tokens don’t expire when employees leave, passwords change, or apps go rogue. Your security program needs to understand this risk and remove unneeded and abandoned entitlements asap. Picture a spare key. You handed it to a contractor six months ago so they could fix your HVAC. The job is done. The contractor moved on. […]

Most breaches don’t start with a hacker in a hoodie cracking code at 3am. They start with your username and a password from a breach that happened three years ago at a site you forgot you signed up for. Picture a thief who skips picking the lock entirely because the key is sitting right there […]

A Practical Brief for vCISOs THE WARNING WE IGNORED OR COULD NOT UNDERSTAND For years, the most credible voices in AI research have issued the same warning. Treat artificial intelligence with the same institutional seriousness the world applied to nuclear technology. Warren Buffet put it plainly at the 2024 Berkshire Hathaway shareholder meeting: “We let […]

A guide to spotting senior executive impersonation scams before the fake CEO gets a real wire transfer. It Starts With a Message That Feels Important You get an email or a call. The name on the screen is your CEO or CFO. The tone is serious. There is a confidential deal happening, an acquisition, a […]

Artificial Intelligence (or AI) is making phishing emails smarter, malware sneakier, and credential theft easier putting each of us at increased risk of attack and compromise. Criminals are using AI to do something old-school security tools were never built to stop. They are making attacks look like normal, everyday activity. Not scary. Not obvious. Just […]