Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI tools are moving faster than the security controls meant to govern them.In this episode of Defender Fridays, Cisco's Cybersecurity Technical Solutions Architect Katherine McNamara walks through changes in the threat landscape as organizations rush to integrate AI without applying basic security discipline. When Katherine meets with customers to discuss AI security, the conversation almost always starts and ends in the same place: data leakage. Someone might upload sensitive files to a public LLM.

Five years ago, enterprise ransomware risk was mostly a perimeter problem. Today it’s an identity problem, a visibility problem, and a cloud configuration problem, all at once. Hybrid work and cloud adoption didn’t just shift where people work. They fundamentally changed where ransomware attacks begin, how far they reach, and how long they go undetected.

Healthcare organizations are a primary target for cyberattacks. Outdated legacy tech runs rampant, and ransomware attacks are shutting down hospitals, forcing them to revert to paper records and cancel non-emergency procedures. The ripple effects extend beyond the targeted facility, overwhelming neighboring hospitals, putting lives at risk.

One compromised privileged account can undo millions in security investments. Attackers know this. In fact, it's the reason privileged access has become the most sought-after prize in the modern enterprise. Gone are the days when getting past the firewall was enough to give an attacker free rein. Widespread adoption of Zero Trust principles, stronger default configurations and better security hygiene have made that approach obsolete. So, adversaries have adapted.

On May 14, 2026, multiple malicious versions of the popular npm package node-ipc were published to the npm registry. Current public reporting identifies node-ipc@9.1.6, node-ipc@9.2.3, and node-ipc@12.0.1 as compromised versions containing an obfuscated credential-stealing payload. The malicious code was added to the CommonJS bundle, node-ipc.cjs, and is triggered when the package is loaded through require("node-ipc").

Healthcare absorbed ~24 million attacks in 2025, a 115% increase year over year, according to the Indusface State of Application Security 2026 report. DDoS alone grew 39% across the sector. But disruption here is not just about lost revenue or downtime. When systems go dark, emergency rooms divert patients, doctors lose access to electronic health records, and appointments are cancelled.

Fake banking sites aren’t just a customer problem. CFPB guidance makes clear that when a fraudster obtains account access information through deception and uses it to initiate a covered EFT, the transfer may qualify as an unauthorized EFT under Regulation E. That means cloned login pages can create investigation obligations, provisional credit requirements, and reimbursement exposure for banks, even when the customer typed the password themselves.

It's getting harder to distinguish legitimate emails from malicious ones as phishing messages mimic real conversations, use trusted domains and increasingly leverage AI to scale and refine attacks. This shift is forcing organizations to rethink how they approach email security. Static controls that rely on known indicators can't keep up with threats that are evolving daily. To close that gap, teams need email security systems with integrated threat intelligence feeds.

The launch of platforms like Moltbook, OpenClaw, and RentAHuman in early 2026 has provided an unsettling glimpse into the future. We are entering a phase of the digital workplace where AI agents no longer just assist us, they interact with one another, act autonomously in the physical world, and even hire humans for manual labor. In this environment, the traditional lines of control and agency are being redrawn.

Researchers at Bitdefender are tracking 40 separate SMS phishing (smishing) campaigns impersonating transport authorities, toll operators, and parking services around the world. The researchers have observed more than 79,000 scam text messages with over 29,000 unique variants. The attacks are targeting users in multiple languages. “These scam messages are designed to create a sense of urgency and pressure drivers into acting quickly,” the researchers write.