Threat management

Mastering Threat Management: Your Resource for Detection, Intelligence, Response Strategy, and More.

Evolving fake resume campaign leads to RedLoader, ransomware infection

Laura FrenchDecember 5, 2025

A threat group known as GOLD BLADE is evolving its tactics to deploy RedLoader and QWCrypt.

Today's Top Threat Management Headlines

Threat Management: Explained and Explored

Application security
MCP servers emerge as new supply chain risk as real attacks accelerate
AI benefits/risks
How AI’s ‘Dark Passengers’ disrupt supply chains
Data Security
Q&A on the next big cyber threat: Post-quantum cryptography
Threat Management
Why you should pick a leader in exposure management
Threat Management
How threat intelligence builds shared responsibility in cybersecurity
Exposure management
Shining a light: Why asset inventory is key to exposure management
Exposure management
Speaking plain truth: How exposure management helps CISOs talk to the board
Application security
Emerging threat from deepfakes leads to cybersecurity arms race
Application security
The human factor in Salesforce security: From permission creep to social engineering
AI/ML
Why the industry must collaborate in the AI era

Threat Management News

Threat Intelligence

China-linked threat actor WARP PANDA targets US entities with BRICKSTORM

The group targets VMware vCenter environments, gaining initial access through edge devices.

(Credit: Thaspol – stock.adobe.com)

Claude Agent Skills could be used to deploy malware, researchers say

An attacker could distribute a malicious Skill that quietly retrieves external scripts.

Oracle website on a computer screen. Oracle Corporation is an American multinational computer technology corporation.

Oracle EBS exploitation similar to Clop’s MOVEit, GoAnywhere attacks

Clop ransomware group moves from file transfer tools to legacy business systems like Oracle EBS.

(Credit: Ascannio – stock.adobe.com)

Application security

Accepting Microsoft Teams guest invitations could pose a security risk

Defender for Office 365 protections do not carry over when joining another Teams tenant.

Smart home router glowing with firewall hologram

Network Security

Cyberattacks on legacy firewalls continue. What security teams can do

Security pros offer tips on how to defend against unending attacks on legacy firewalls.

Application security

Synced calendars a potential threat vector for millions of devices

Expired or compromised domains could be used to push out malicious calendar files.

(Credit: Robert – stock.adobe.com)

Vulnerability Management

Critical Oracle Identity Manager RCE flaw revealed, PoC published

Researchers published proof-of-concept code for authentication bypass and RCE in OIM.

Browser notifications abused to spread malicious links

An illicit service called Matrix Push C2 allows users to coordinate push notification attacks.

(Credit: keBu.Medien – stock.adobe.com)

Vulnerability Management

A second Fortinet FortiWeb zero-day spurs 7-day CISA KEV deadline

An authenticated user could use the flaw to execute unauthorized code.

Gh0st RAT spread through thousands of software impersonating sites

Attackers advanced to a more evasive infection chain between two waves of attacks.

Fast Five

Selected by the SC Media Editorial team every Tuesday.

Sign up now for the top five issues cybersecurity pros need to know this week.

Threat Management Events