Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The launch of platforms like Moltbook, OpenClaw, and RentAHuman in early 2026 has provided an unsettling glimpse into the future. We are entering a phase of the digital workplace where AI agents no longer just assist us, they interact with one another, act autonomously in the physical world, and even hire humans for manual labor. In this environment, the traditional lines of control and agency are being redrawn.

Researchers at Bitdefender are tracking 40 separate SMS phishing (smishing) campaigns impersonating transport authorities, toll operators, and parking services around the world. The researchers have observed more than 79,000 scam text messages with over 29,000 unique variants. The attacks are targeting users in multiple languages. “These scam messages are designed to create a sense of urgency and pressure drivers into acting quickly,” the researchers write.

The financial services industry is the fourth most-targeted sector globally, accounting for 12% of all observed activity. eCrime and nation-state adversaries spanning all motivations target these organizations due to their unique convergence of valuable assets, strategic intelligence, and geopolitical significance.

The security landscape has fundamentally changed, and many organizations haven’t caught up. If you’re still relying on quarterly scans, annual penetration tests, or spreadsheet-based vulnerability tracking to manage risks within your applications, you’re not managing risk. You’re documenting it after the fact.

Sophos X-Ops looks at the Atomic macOS Stealer and its capabilities Sophos Managed Detection and Response (MDR) teams recently responded to a customer incident involving an infostealer infection on a macOS host. When we investigated, we found that the infostealer appeared to be a variant of AMOS (Atomic macOS), a well-known malware family we’ve written about before. The attack began with a ClickFix-style ruse, where a user was tricked into running a terminal command.

The days when compliance was only a documentation exercise are long gone. Now, it’s a critical priority for a wide variety of organizations. But compliance is more of a result than a goal. The goal is achieving resilience. Cybersecurity and data protection regulations are rapidly evolving far beyond traditional compliance checklists. Global frameworks and regulations such as NIS 2, DORA, GDPR, HIPAA, SOX and NIST 2.0 are placing greater emphasis on operational resilience.

It's 9:47 AM on a Tuesday. A Slack message from legal lands in the security channel: "Did anyone approve the marketing team's new AI vendor? They're feeding customer data into it." Nobody approved it. The vendor's terms say they can use input data for model training, and the contract was signed three weeks ago. That moment, some version of which plays out at most organizations now, is what makes AI governance an operational priority rather than a compliance exercise.

On May 11, 2026, Mend Defender flagged more than 120 malicious packages newly published to RubyGems — the standard package manager for the Ruby ecosystem. Within 24 hours, that initial cluster expanded into something far larger: tens of thousands of packages pushed by thousands of attacker-controlled accounts, forcing RubyGems to suspend new account registration entirely while the cleanup got underway.

Sensitive data has become the target, the signal, and the source of risk in nearly every modern security program. Source code, customer records, intellectual property, credentials, and regulated data now move continuously across endpoints, cloud apps, SaaS platforms, browsers, collaboration tools, and GenAI applications. That movement is not inherently bad. It is how modern work gets done.