China map outline, flag colors red, yellow glowing. Futuristic circuit board digital technology backdrop. High-tech data streams, innovation, modern design, connectivity global network.

(Adobe Stock)

Google disrupts decade-long China-linked UNC2814 espionage campaign

Steve ZurierFebruary 25, 2026

GTIG points out that this campaign had no overlaps with other PRC activities, such as Salt Typhoon.

RESOURCES

Hardware
Mainframe security in a changing regulatory landscape: Aligning with NYDFS, DORA, and beyond
Firewalls, Routers
Thwarting today’s threats with next-generation security technology
Threat Hunting
Defusing the danger of North Korean IT workers
MDR
How to transform your SOC through XDR and MDR
Government security
Trust and data integrity: Cornerstones of AI for the public sector

PODCASTS

Leadership
Security as a Business Enabler by Re-envisioning Risk and Leading through Uncertainty – Elyse Gunn – BSW #436
Vulnerability Management
Infinite AI Monkeys, Ploutus, Serv-U, Fortinet, Cyberwar, COBOL, NIST, Aaran Leyland – SWN #558
Privacy
Helping Users with Practical Advice to Protect their Digital Devices – Runa Sandvik – ASW #371
Vulnerability Management
Bringing intelligence to assets, new White House cybersecurity strategy, and the news – Tim Morris – ESW #447
Vulnerability Management
Code of Hammurabi, RockYou, MimicRat, Trustconnect, Introsort, AI, Josh Marpet… – SWN #557

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Threat Management

CrowdStrike: Average cyberattack breakout time now under 30 minutes

Laura FrenchFebruary 25, 2026

Attackers gained speed as AI-enabled attacks and zero-day exploitation significantly increased.

Korea North flag - 3D realistic waving flag on matrix digital ba

Threat Management

North Korea’s Lazarus Group targets US, Middle East healthcare sectors

Steve ZurierFebruary 24, 2026

Threat actor focuses on identity-based attacks followed by a ransomware drop.

Application security

SANDWORM_MODE: Shai-Hulud with an AI twist

Laura FrenchFebruary 24, 2026

A new npm supply chain attack injects a malicious MCP server and targets LLM API keys.

Unlocking Potential Exploring the Power of Large Language Models

Application security

Threat group leverages LLMs to compromise 600 FortiGate firewalls

Steve ZurierFebruary 23, 2026

Amazon Threat Intelligence said the attacks happened over five weeks in 55 countries.

Threat Intelligence

FBI posts ATM jackpotting prevention guidance after $20M stolen in 2025

Laura FrenchFebruary 20, 2026

The FBI FLASH alert highlights the threat of Ploutus malware, which exploits XFS software.

(Credit: monticellllo – stock.adobe.com)

Vulnerability Management

CISA update: BeyondTrust RCE exploited in ransomware attacks

Steve ZurierFebruary 20, 2026

Experts say if teams can’t patch right away, take the portal offline to protect against potential ransomware attacks.

New malware-as-a-service fronts as legit RMM provider

Laura FrenchFebruary 20, 2026

Proofpoint worked with industry partners to take down the TrustConnect MaaS, but it quickly reemerged under a different brand.

(Credit: Rafael Henrique – stock.adobe.com)

Vulnerability Management

Attacks on 2 critical Ivanti EPMM bugs surge worldwide

Steve ZurierFebruary 19, 2026

Experts warn teams to check their logs, as dormant backdoors are designed to survive patching.

EVENTS