Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security is a core leadership issue & opportunity with David Chernitzky, Armour Cybersecurity [317]

May 27, 2026 By LimaCharlie In LimaCharlie
Today David Chernitzky, Co-Founder and CEO of Armour Cybersecurity, breaks down the challenges small and mid-sized businesses face in the new blink-and-you-miss-it cybersecurity landscape. Don't be left behind and open yourself to AI-driven attacks from threat actors.
View Video
Arctic Wolf

FortiClient EMS Exploited via CVE-2026-35616 to Deliver EKZ Infostealer Disguised as a Fortinet Patch

May 27, 2026 By Arctic Wolf Labs In Arctic Wolf
In May 2026, Arctic Wolf observed a cluster of malicious activity affecting endpoints managed by FortiClient Endpoint Management Server (EMS). The malicious payload was disguised as a fake Fortinet endpoint patch, but it was actually a credential stealer. We named this payload EKZ Infostealer, based on internal symbol names extracted from decrypted code.
Read Post
LimaCharlie

Analyzing real malware with Claude Code and LimaCharlie

May 27, 2026 By Daniel Ballmer In LimaCharlie
Most malware analysis workflows follow the same pattern: run a set of tools, manually review the output, build detection rules from memory, and repeat. It's reliable, but slow, and for MDR and MSSP teams handling volume, delays have a cost. In this workshop, LimaCharlie Senior Solutions Engineer Chris Botelho demonstrates a faster path: using Claude Code with LimaCharlie's reverse engineering environment to triage, analyze, and build detections against a real malware sample pulled from Malware Bazaar.
Read Post
aikido

Legitimate-Looking Codex Remote UI Secretly Steals Your AI Tokens

May 27, 2026 By Charlie Eriksen In Aikido
There's a new playbook in the supply chain threat landscape, where an someone builds something genuinely useful, growing a real user base. But all while stealing credentials. codexui-android is a remote web UI for OpenAI Codex. Real GitHub repo. Active development. Polished enough to get 27.000 weekly downloads. And for the past month, every single invocation has been quietly exfiltrating your Codex authentication tokens to an attacker-controlled server.
Read Post

GitGuardian Just Gave AI Coding Agents Secret Detection Skills

May 27, 2026 By GitGuardian In GitGuardian
AI coding assistants like Claude Code and Cursor are helping developers write more code faster, but that also means more chances for secrets to slip into prompts, files, commits, and tool outputs. GitGuardian’s new open-source **agent-skills** repository teaches AI agents how to use **ggshield** directly inside the developer workflow: when to scan, how to read findings, and how to guide remediation for leaked credentials.
View Video
jfrog

Introducing Package Traffic Controller: Software Supply Chain Security at the Network Edge

May 27, 2026 By Sean Pratt In JFrog
Imagine this: your security team has done everything right. All development teams are using a centrally managed artifact repository with scanning in place. Your engineering organization has clear policies about where packages can come from. You feel good about your software supply chain posture. Then an incident review surfaces something nobody planned for: a compromised npm package entered your environment.
Read Post
netwrix

OpenAI and the environment AI inherits

May 27, 2026 By Grady Summers In Netwrix
AI inherits the access permissions that accumulated quietly in organizations for years. Frontier models eliminate the obscurity that once limited what attackers, and even employees, could reach. Sensitive data, stale service accounts, and unreviewed permissions now surface in seconds. Governing identity and access before connecting AI determines whether frontier models become a force multiplier or a compounding risk.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.