Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

sophos

WantToCry ransomware remotely encrypts files

May 19, 2026 By Sophos Counter Threat Unit Research Team In Sophos
SophosLabs analysts investigated WantToCry ransomware attacks that involved the threat actors abusing the Server Message Block (SMB) service for initial access and then exfiltrating files to attacker-controlled infrastructure for remote encryption. The detection surface is significantly reduced because WantToCry operates without local malware execution, and there is no post-compromise activity beyond exfiltrating files and rewriting them to disk.
Read Post
levelblue

AI-Driven Cyber Warfare Reshapes Global Defense Readiness

May 19, 2026 By Ziv Mador In LevelBlue
This article was originally published in TechRadar Pro. The Iran conflict is serving as an AI testbed for the next era of cyber conflict. Most organizations are watching the tactics and impact unfold with cybersecurity defenses that are simply not prepared for this level of sophistication. Meanwhile, technology leaders are seeing AI as both their biggest opportunity and a major new attack vector.
Read Post
Zenity

What 500+ Industry Experts Told Us About Securing Autonomous AI: A Policy Roadmap

May 19, 2026 By Taylor Roberts In Zenity
When the US Center for AI Standards and Innovation (CAISI) asked for public input on securing agentic AI systems, the response was massive: over 500 detailed submissions from Fortune 500 companies, defense contractors, AI startups, and cybersecurity firms. The result is substantial insight into how industry views the regulatory challenges of autonomous AI agents and what they think policymakers should do about it.
Read Post
nightfall

What Is MCP Security? 9 Things Every CISO Needs to Know

May 19, 2026 By Chris Martinez In Nightfall
Your AI agents had a productive day. Nobody can tell you what data they touched. A developer opens Cursor and connects it to a GitHub MCP server and a Postgres MCP server. The agent reads the repo to understand a schema change, finds an AWS access key in a config file, and uses it to run a migration against staging. The key now lives in the agent's context, in the Postgres query log, in the chat history, and in whatever artifact the developer copies out. No alert fired. No policy triggered.
Read Post
cato networks

Making Security Data-Aware with New Integration from Cato Networks and Cyera

May 19, 2026 By Eran Shavit In Cato Networks
Today, Cato Networks announced an integration of Cato XOps with the Cyera AI-native Data Security Platform Management (DSPM). The integration brings Cyera’s data security telemetry directly into Cato XOps, giving security teams visibility into the sensitivity and exposure of data involved in security events. In today’s distributed environments, data lives across the cloud, SaaS, endpoint, and network.
Read Post
Common Mistakes Startups Make When Outsourcing Java Development

Common Mistakes Startups Make When Outsourcing Java Development

May 19, 2026 By SecuritySenses In SecuritySenses
Outsourcing Java development can be a smart move for startups that need speed, specialized talent, and cost efficiency. But the reality is that many startups stumble in ways that could have been avoided with a little foresight. From unclear contracts to poor technical vetting, these missteps can stall your product, drain your budget, and damage relationships with developers. If you're about to outsource Java development or are already mid-project and sensing friction, this guide covers the most common mistakes startups make and what you should do instead.
Read Post
What Is a Reverse Digital Footprint Audit? How to Track Scammers Using OSINT

What Is a Reverse Digital Footprint Audit? How to Track Scammers Using OSINT

May 19, 2026 By SecuritySenses In SecuritySenses
A reverse digital footprint audit is the systematic extraction of an entity's online breadcrumbs-emails, IP addresses, aliases, and exposed credentials-to expose the true identity behind a malicious campaign. It turns the attacker's operational security failures against them. You think cybercriminals are ghosts. They aren't. They buy servers. They register domains. They recycle passwords. They get lazy.
Read Post
Experts State That Insider Threat Could Be The Biggest Risk You Face This Year, But What Does That Actually Mean?

Experts State That Insider Threat Could Be The Biggest Risk You Face This Year, But What Does That Actually Mean?

May 19, 2026 By SecuritySenses In SecuritySenses
If you look solely for outside threats to your business, then you're only seeing half of the picture. External risks like ransomware and phishing pose no more of a threat to operations than so-called 'insider threats', which can see entire data sets laid bare. Worse, there's clear evidence that insider threats are on the rise in roughly 42% of countries. Unsurprisingly, then, experts are classifying insider threat as one of the biggest risks businesses are facing this year.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.