Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Mini Shai-Hulud supply chain campaign has resurfaced with its largest wave yet. Over a 48-hour window on May 11-12, 2026, attackers compromised 172 unique packages across 403 malicious versions on npm and PyPI, including high-profile scopes like @tanstack, @uipath, @mistralai, and @opensearch-project.

Author: Alexander Ivanyuk, Senior Director, Technology AI is moving fast, and with that speed comes a new set of terms that many business readers are now hearing for the first time: RAG and MCP. They may sound technical, but the ideas behind them are actually practical. They describe how modern AI systems get better information, connect to business tools, and, in some cases, go beyond answering questions to carrying out work.

MSPs managing hundreds or thousands of endpoints cannot afford remote support that lives in a separate tool, on a separate license, with a separate login and a separate workflow. Every extra console adds friction between monitoring, troubleshooting, patching, and security response. That is exactly why AI remote desktop matters now: not as a buzzword, but as a way to shorten the path from issue detection to issue resolution while keeping technicians in one operational environment.

“If you want to go fast, go alone. If you want to go far, go together.” The adage for teamwork has applied to most modern military operations of the past two decades. The challenge in going together lies in the sensitivity of the information and, at the individual level, determining whose clearance and ‘need to know’ align with yours.

In Ancient Rome, the military had a daily “watchword” that soldiers used to enter the camp. An official would inscribe the watchword on clay tablets, which were distributed throughout the various military units. If a tablet wasn’t returned, they swiftly tracked it down and punished the soldier who had failed to return it.

1Password has never been more popular in the workplace. Okta’s 2026 “Businesses at Work” report reveals that, of the 8,000+ apps that Okta analyzed, “The security tool 1Password showed the highest industry-level growth, notching a 370% YoY increase in the technology sector.”

Seven things security teams can start doing today to reduce risk.

The State of Identity Security 2026: Identity is the new perimeter Discover the causes and consequences of identity threats based on a survey of 5,000 organizations across 17 countries. In the modern cybersecurity landscape, the traditional network perimeter has dissolved. Today, identity as a perimeter keeps getting stronger and stronger. As organizations accelerate cloud adoption and integrate AI systems, the number of digital identities, both human and non-human, has grown exponentially.

Sophos Endpoint in action: Blocking a novel supply chain attack How the unique anti-exploitation capabilities included with Sophos Endpoint blocked a supply chain attack. Sophos Endpoint is architected from the ground up to automatically block exploits, ransomware, and attacker techniques by default with zero manual tuning.

For years, cybersecurity strategy has been built around a simple idea: keep attackers out. Stronger perimeters. Better firewalls. More advanced endpoint protection. Smarter email filtering. But the latest insights from the Microsoft Digital Defense Report tell a very different story. Attackers aren’t breaking in. They’re logging in.