Apple Macbook

(Adobe Stock Images)

ClickFix campaigns target macOS users via MacSync infostealer

Steve ZurierMarch 16, 2026

ClickFix campaigns use fake ChatGPT tools and Terminal tricks to infect macOS with MacSync infostealer.

RESOURCES

SOC
SOC unification in the age of AI: Five strategic takeaways for security leaders
Identity
Workforce identity security: Why you need enterprise password management
Governance, Risk and Compliance
From audit readiness to operational assurance: Why CCM modernization cannot wait
Zero Trust World
The importance of keeping calm in trying circumstances: Zero Trust World 2026
Identity
Identity security as app growth accelerates: Why automation is becoming essential

PODCASTS

Breach
AI Governance, new book (Code War) from Allie Mellen, and the weekly news! – Jeremy Snyder, Allie Mellen – ESW #450
Cloud Security
Exposed: Bank Leak, Copilot Zero-Click, AI Agent Hijacks, Stryker Wipe & Josh Marpet – SWN #563
IoT
Vulnerability Mis-Management – PSW #917
Leadership
Being Exploitable While Your Risk Tolerance Changes and You Unblock Innovation – Myke Lyons – BSW #438
Vulnerability Management
Precious Bodily Fluids, InstallFix, CISA, Claude, Overtime, Sim Swaps, Aaran Leyland – SWN #562

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

AI phishing, malicious SVGs continues after surge over holidays

Laura FrenchMarch 13, 2026

HoxHunt reports AI-generated phishing increased from 4% to 56% of phishing attempts in December.

System compromised alert digital warning error message, cyber threat red glow, data breach alert.

Threat Management

No restoration timeline for medical device maker Stryker after cyberattack

Steve ZurierMarch 13, 2026

Company also tells customers the attack by Iran-linked Handala disrupted supply chain.

(Credit: Luciano Luppa – stock.adobe.com)

Vulnerability Management

CISA adds n8n RCE flaw to list of known exploited vulnerabilities

Laura FrenchMarch 13, 2026

An authenticated attacker could execute arbitrary code with elevated privileges.

Technology background with national flag of Iran. 3D rendering

Threat Management

Iran-linked group claims wiper attack and takedown of medical device maker Stryker

Steve ZurierMarch 12, 2026

Second major case targeting a U.S. firm after start of Iran conflict Feb. 28.

Threat Management

‘Zombie ZIP’ slips malware past 98% of antivirus engines

Laura FrenchMarch 12, 2026

A simple exploit causes AVs to treat compressed data as uncompressed bytes.

BlackSanta ‘EDR-killer’ malware targets HR departments

Steve ZurierMarch 11, 2026

Malware collects info about the OS, user accounts, and host configurations.

Incident Response

First CIRM warranty protecting employees from breach liability announced

Laura FrenchMarch 11, 2026

BreachRx warranty covers up to $3 million in personal or corporate penalties stemming from an incident.

Salesforce office building in Singapore City. Salesforce Inc is an American Fortune 500 listed, cloud-based software company.

Salesforce confirms ShinyHunters exploited Experience Cloud sites

Steve ZurierMarch 10, 2026

The ShinyHunters cybercrime group has systematically targeted Salesforce instances since mid-2025.

EVENTS