Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

sophos

Why AMOS matters: The macOS malware stealing data at scale

May 14, 2026 By Mohammed Zubair In Sophos
Sophos X-Ops looks at the Atomic macOS Stealer and its capabilities Sophos Managed Detection and Response (MDR) teams recently responded to a customer incident involving an infostealer infection on a macOS host. When we investigated, we found that the infostealer appeared to be a variant of AMOS (Atomic macOS), a well-known malware family we’ve written about before. The attack began with a ClickFix-style ruse, where a user was tricked into running a terminal command.
Read Post
acronis

As compliance evolves, operational resilience becomes the real benchmark

May 14, 2026 By Lee Pender In Acronis
The days when compliance was only a documentation exercise are long gone. Now, it’s a critical priority for a wide variety of organizations. But compliance is more of a result than a goal. The goal is achieving resilience. Cybersecurity and data protection regulations are rapidly evolving far beyond traditional compliance checklists. Global frameworks and regulations such as NIS 2, DORA, GDPR, HIPAA, SOX and NIST 2.0 are placing greater emphasis on operational resilience.
Read Post
Tines

AI governance: a practical guide for enterprise leaders

May 14, 2026 By Tines In Tines
It's 9:47 AM on a Tuesday. A Slack message from legal lands in the security channel: "Did anyone approve the marketing team's new AI vendor? They're feeding customer data into it." Nobody approved it. The vendor's terms say they can use input data for model training, and the contract was signed three weeks ago. That moment, some version of which plays out at most organizations now, is what makes AI governance an operational priority rather than a compliance exercise.
Read Post
mend

Inside the RubyGems Supply Chain Attack: How Mend Defender Caught a Coordinated Flood Before It Spread

May 14, 2026 By Maciej Mensfeld In Mend
On May 11, 2026, Mend Defender flagged more than 120 malicious packages newly published to RubyGems — the standard package manager for the Ruby ecosystem. Within 24 hours, that initial cluster expanded into something far larger: tens of thousands of packages pushed by thousands of attacker-controlled accounts, forcing RubyGems to suspend new account registration entirely while the cleanup got underway.
Read Post
cyberhaven

Cyberhaven & Torq: Bringing AI-Powered Automation to IRM and DLP

May 14, 2026 By Iulia Stefoi-Silver In Cyberhaven
Sensitive data has become the target, the signal, and the source of risk in nearly every modern security program. Source code, customer records, intellectual property, credentials, and regulated data now move continuously across endpoints, cloud apps, SaaS platforms, browsers, collaboration tools, and GenAI applications. That movement is not inherently bad. It is how modern work gets done.
Read Post

The Howler Episode 30 - Will May, Chief Revenue Officer

May 14, 2026 By Arctic Wolf Networks In Arctic Wolf
This month, we sit down with Will May, our new Chief Revenue Officer. Take a listen to get to know Will, his leadership philosophy, how he's using AI in his every day, and so much more! Will brings more than 15 years of go-to-market leadership experience across high-growth software, cybersecurity, and cloud technology companies. He has built a strong reputation for helping organizations adopt innovative technologies—including AI-driven platforms—to improve operational efficiency, reduce complexity, and deliver measurable business value.
View Video

Why Cybersecurity is Dead | The Cyber Resilience Playbook

May 14, 2026 By Rubrik In Rubrik
“The cybersecurity industry as we knew it is dead." Rubrik CEO Bipul Sinha explains why the security industry’s obsession with "walls and detection" has failed. AI-powered attacks have reduced the window between intrusion and breach to zero seconds. The only path forward is a fundamental shift from reactive defense to preemptive recovery, at machine speed.
View Video

The New CISO Ep. 145 - Eric O'Neill | Lessons From a Spy Hunter: The Real Cost of a Breach (Part 1)

May 14, 2026 By Exabeam In Exabeam
What does it feel like to stand in the smoking ruin of a ransomware attack? In this episode, Steve Moore is joined by former FBI undercover operative Eric O'Neill—the man who helped capture Robert Hanssen—to explain why modern cybercrime is just traditional espionage repackaged, and why the dark web has quietly become the world's third-largest economy.
View Video

MSPs, Cyber Resilience, & the Human Side of Security w/James McMillan - The 443 Pod - Episode 370

May 14, 2026 By WatchGuard Technologies In WatchGuard
Marc Laliberte and Corey Nachreiner recorded a special episode from WatchGuard’s EMEA Partner Conference in Dubrovnik, Croatia, featuring James McMillan, CTO of Redinet Limited. They discussed the evolving cybersecurity landscape for MSPs and businesses across Europe. James shares insights from his journey in IT and cybersecurity, the growing challenges organizations face as threats become more sophisticated, and why cyber resilience requires more than just technology.
View Video
Arctic Wolf

Detecting Identity Attacks at Scale with Herd Immunity

May 14, 2026 By Trevor Daher and Joshua Riccio In Arctic Wolf
Modern identity‑based attacks often rely on shared infrastructure and reusable attack frameworks, rather than bespoke tooling built for a single target. Phishing kits and phishing‑as‑a‑service (PhaaS) platforms are the clearest example of this model — and today they are the most prevalent sources of account compromise across organizations of all sizes. Device code phishing illustrates how quickly this model evolves.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.