Threat management

Mastering Threat Management: Your Resource for Detection, Intelligence, Response Strategy, and More.

(Credit: daily_creativity – stock.adobe.com)

OpenAI lays out its plan for major advances in AI cybersecurity features

Laura FrenchDecember 12, 2025

The ChatGPT maker says it’s using a combination of training, detection and red teaming to prevent misuse.

Today's Top Threat Management Headlines

Threat Management: Explained and Explored

Network Security
Why blind spots inside networks put companies at risk
AI/ML
Seven ways to develop a governance framework for AI browsers
Application security
From admin-led maintenance to policy-as-code: Re-architecting Salesforce governance for security
AI/ML
Five ways teams can manage data leaks from AI browsers
Application security
MCP servers emerge as new supply chain risk as real attacks accelerate
AI benefits/risks
How AI’s ‘Dark Passengers’ twist supply chains into attack vectors
Data Security
Q&A on the next big cyber threat: Post-quantum cryptography
Threat Management
Why you should pick a leader in exposure management
Threat Management
How threat intelligence builds shared responsibility in cybersecurity
Exposure management
Shining a light: Why asset inventory is key to exposure management

Threat Management News

North Korea digital technology flag cyber background. North Korean banner cyberattack and espionage concept illustration.

Vulnerability Management

North Korea-linked ‘EtherRAT’ backdoor used in React2Shell attacks

The malware retrieves C2 addresses from Ethereum smart contracts to avoid takedowns.

Evolving fake resume campaign leads to RedLoader, ransomware infection

A threat group known as GOLD BLADE is evolving its tactics to deploy RedLoader and QWCrypt.

China map outline, flag colors red, yellow glowing. Futuristic circuit board digital technology backdrop. High-tech data streams, innovation, modern design, connectivity global network.

Vulnerability Management

React2Shell bug exploited by China-linked groups, fix briefly disrupts Cloudflare

React2Shell shows patching must be immediate — attackers now weaponize flaws within hours.

Threat Intelligence

China-linked threat actor WARP PANDA targets US entities with BRICKSTORM

The group targets VMware vCenter environments, gaining initial access through edge devices.

(Credit: Thaspol – stock.adobe.com)

Claude Agent Skills could be used to deploy malware, researchers say

An attacker could distribute a malicious Skill that quietly retrieves external scripts.

Oracle website on a computer screen. Oracle Corporation is an American multinational computer technology corporation.

Oracle EBS exploitation similar to Clop’s MOVEit, GoAnywhere attacks

Clop ransomware group moves from file transfer tools to legacy business systems like Oracle EBS.

(Credit: Ascannio – stock.adobe.com)

Application security

Accepting Microsoft Teams guest invitations could pose a security risk

Defender for Office 365 protections do not carry over when joining another Teams tenant.

Smart home router glowing with firewall hologram

Network Security

Cyberattacks on legacy firewalls continue. What security teams can do

Security pros offer tips on how to defend against unending attacks on legacy firewalls.

Application security

Synced calendars a potential threat vector for millions of devices

Expired or compromised domains could be used to push out malicious calendar files.

(Credit: Robert – stock.adobe.com)

Vulnerability Management

Critical Oracle Identity Manager RCE flaw revealed, PoC published

Researchers published proof-of-concept code for authentication bypass and RCE in OIM.

Fast Five

Selected by the SC Media Editorial team every Tuesday.

Sign up now for the top five issues cybersecurity pros need to know this week.

Threat Management Events