Threat management

Mastering Threat Management: Your Resource for Detection, Intelligence, Response Strategy, and More.

More than 10,000 IPs hijacked by SystemBC botnet

Laura FrenchFebruary 5, 2026

Researchers identified continued development of the botnet despite “Operation Endgame” disruption.

Today's Top Threat Management Headlines

Threat Management: Explained and Explored

AI/ML
Keeping code secure as generative AI accelerates software development
Security Operations
China’s Typhoon hackers have changed the rules of cybersecurity
Governance, Risk and Compliance
Paper promises don’t patch supply chain vulnerabilities
Security Operations
2026 security predictions: AI-driven attacks, extortion, trust collapse
Zero Trust World
Hackers, surprises and outer space: What we’ll see at Zero Trust World 2026
AI/ML
The rise of shadow AIT: From blind spots to real-time insight
Application security
2026 AI reckoning: Agent breaches, NHI sprawl, deepfakes
Email security
Beyond the SEG: Rethinking email security for the modern enterprise
Risk Identification/Classification/Mitigation
Hiding in plain sight: What the death of Aldrich Ames teaches us about insider threats
Identity
The credential crisis: How trusted access became the biggest enterprise risk

Threat Management News

Security Operations

Microsoft Office bugs exploited by Russia-linked APT28

Steve ZurierFebruary 3, 2026

Experts warn that social engineering lets attackers take advantage of even the lesser-rated vulnerabilities.

Security Operations

AI agents solve 9 of 10 web security CTF challenges in recent study

Laura FrenchJanuary 30, 2026

The agents solved most challenges at low cost but struggled with more broadly scoped tasks.

IT professional fixing software bug with binary code display

Security Operations

Ivanti patches two 9.8 bugs in Endpoint Manager Mobile

Steve ZurierJanuary 30, 2026

CVE-2026-1281 and CVE-2026-1340 have CVSS scores of 9.8 and have already been exploited.

Security Operations

Google disrupts IPIDEA residential proxy network used in cybercrime

Laura FrenchJanuary 30, 2026

Google said the network is overwhelmingly used by malicious actors, including botnet operators.

(Credit: Rizq – stock.adobe.com)

Application security

Researchers find 16 browser extensions stealing ChatGPT session tokens

Laura FrenchJanuary 27, 2026

One of the malicious ChatGPT “mods” has a featured badge on the Chrome Web Store.

Millions of Gmail, Facebook and other account credentials exposed

Laura FrenchJanuary 23, 2026

The dataset included email accounts, social media accounts, financial accounts and more.

China Bans Cyber Attacks: Examining Internet Security with Chinese Flag and Binary Data Through a Magnifying Glass Concept

Application security

Chinese firms directed to not buy US, Israeli cybersecurity software

Steve ZurierJanuary 21, 2026

Experts say the move is performative, as Beijing does not permit that many U.S. and Israeli cyber products to enter China.

(Credit: Bilal Ulker – stock.adobe.com)

LastPass warns of vault backup phishing emails

Laura FrenchJanuary 21, 2026

The emails claim LastPass will be going into maintenance, requiring action within 24 hours.

Security Operations

Malicious ad blocker extension uses ‘CrashFix’ to spread new Python RAT

Laura FrenchJanuary 21, 2026

The ClickFix variant crashes the user’s browser and instructs them to copy and paste commands to fix the issue.

(Credit: mehaniq41 – stock.adobe.com)

Workday, NetSuite and SuccessFactors sessions targeted by malicious Chrome extensions

Laura FrenchJanuary 20, 2026

Five related extensions were found to steal cookies and block platform security pages.

Fast Five

Selected by the SC Media Editorial team every Tuesday.

Sign up now for the top five issues cybersecurity pros need to know this week.

Threat Management Events