(Adobe Stock)

Microsoft Office bugs exploited by Russia-linked APT28

Steve ZurierFebruary 3, 2026

Experts warn that social engineering lets attackers take advantage of even the lesser-rated vulnerabilities.

RESOURCES

Government security
ICIT’s Center for FCEB Resilience: Strengthening federal civilian agencies
AI/ML
Trusted automation: Building autonomous IT with confidence
AI/ML
SASE’s role in securing AI adoption: How existing tools can manage AI security
Zero Trust World
Hackers, surprises and outer space: What we’ll see at Zero Trust World 2026
Identity
Beyond MFA: Securing the human element with identity threat detection

PODCASTS

Vulnerability Management
DBII, Notepad++, Covenant, Fancy Bear, CTFs, Firefox, AI Slop, Josh Marpet, and More – SWN #552
Application security
Focusing on Proactive Controls in the Face of LLM-Assisted Malware – Rob Allen – ASW #368
Security Operations
Initial entry to resilience: understanding modern attack flows and this week’s news – Warwick Webb – ESW #444
Vulnerability Management
AI Grief, Fortinet, BSODs, WINRAR, Montreaux, Big Iron, Memory Prices, Josh Marpet… – SWN #551
Government Regulations
To curmudgeon or not to curmudgeon, that is the question. – PSW #911

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

(Credit: monticellllo – stock.adobe.com)

PDF phishing attack leads to stolen Dropbox credentials

Laura FrenchFebruary 2, 2026

The attack uses seemingly benign attachments and trusted cloud infrastructure to evade detection.

Cyber Threats Pictured: Neon Green Hacker's Skull & Crossbones on Binary Background

Security Operations

GlassWorm malware targets Open VSX Registry in supply chain attack

Steve ZurierFebruary 2, 2026

Experts concerned the malware can spread throughout the open-source developer environment.

Security Operations

AI agents solve 9 of 10 web security CTF challenges in recent study

Laura FrenchJanuary 30, 2026

The agents solved most challenges at low cost but struggled with more broadly scoped tasks.

IT professional fixing software bug with binary code display

Security Operations

Ivanti patches two 9.8 bugs in Endpoint Manager Mobile

Steve ZurierJanuary 30, 2026

CVE-2026-1281 and CVE-2026-1340 have CVSS scores of 9.8 and have already been exploited.

Security Operations

Google disrupts IPIDEA residential proxy network used in cybercrime

Laura FrenchJanuary 30, 2026

Google said the network is overwhelmingly used by malicious actors, including botnet operators.

Google Cloud sign is displayed at Google campus in Silicon Valley - Sunnyvale, California, USA - November, 2019

Security Operations

PricewaterhouseCoopers, Google Cloud sign $400 million AI deal

Steve ZurierJanuary 29, 2026

Google will develop artificial intelligence that PwC will roll it out to Fortune 500.

(Credit: Azulblue – stock.adobe.com)

Security Operations

Two n8n sandbox escape vulnerabilities allow RCE

Laura FrenchJanuary 29, 2026

The flaws affect the platform’s expression engine and Python Code Node.

Laptop user pressing Windows Key on Microsoft Windows keyboard.

Security Operations

Microsoft Windows file archival tool WinRAR exploited worldwide

Steve ZurierJanuary 28, 2026

Vulnerability lets threat actors drop malware into the Windows Startup folder.

EVENTS