Threat management

Mastering Threat Management: Your Resource for Detection, Intelligence, Response Strategy, and More.

AI agents solve 9 of 10 web security CTF challenges in recent study

Laura FrenchJanuary 30, 2026

The agents solved most challenges at low cost but struggled with more broadly scoped tasks.

Today's Top Threat Management Headlines

Threat Management: Explained and Explored

Security Operations
China’s Typhoon hackers have changed the rules of cybersecurity
Governance, Risk and Compliance
Paper promises don’t patch supply chain vulnerabilities
Security Operations
2026 security predictions: AI-driven attacks, extortion, trust collapse
Zero Trust World
Hackers, surprises and outer space: What we’ll see at Zero Trust World 2026
AI/ML
The rise of shadow AIT: From blind spots to real-time insight
Application security
2026 AI reckoning: Agent breaches, NHI sprawl, deepfakes
Email security
Beyond the SEG: Rethinking email security for the modern enterprise
Risk Identification/Classification/Mitigation
Hiding in plain sight: What the death of Aldrich Ames teaches us about insider threats
Identity
The credential crisis: How trusted access became the biggest enterprise risk
Identity
Identity becomes the 2026 battleground as AI erases trust signals

Threat Management News

IT professional fixing software bug with binary code display

Security Operations

Ivanti patches two 9.8 bugs in Endpoint Manager Mobile

Steve ZurierJanuary 30, 2026

CVE-2026-1281 and CVE-2026-1340 have CVSS scores of 9.8 and have already been exploited.

Security Operations

Google disrupts IPIDEA residential proxy network used in cybercrime

Laura FrenchJanuary 30, 2026

Google said the network is overwhelmingly used by malicious actors, including botnet operators.

(Credit: Rizq – stock.adobe.com)

Application security

Researchers find 16 browser extensions stealing ChatGPT session tokens

Laura FrenchJanuary 27, 2026

One of the malicious ChatGPT “mods” has a featured badge on the Chrome Web Store.

Millions of Gmail, Facebook and other account credentials exposed

Laura FrenchJanuary 23, 2026

The dataset included email accounts, social media accounts, financial accounts and more.

China Bans Cyber Attacks: Examining Internet Security with Chinese Flag and Binary Data Through a Magnifying Glass Concept

Application security

Chinese firms directed to not buy US, Israeli cybersecurity software

Steve ZurierJanuary 21, 2026

Experts say the move is performative, as Beijing does not permit that many U.S. and Israeli cyber products to enter China.

(Credit: Bilal Ulker – stock.adobe.com)

LastPass warns of vault backup phishing emails

Laura FrenchJanuary 21, 2026

The emails claim LastPass will be going into maintenance, requiring action within 24 hours.

Security Operations

Malicious ad blocker extension uses ‘CrashFix’ to spread new Python RAT

Laura FrenchJanuary 21, 2026

The ClickFix variant crashes the user’s browser and instructs them to copy and paste commands to fix the issue.

(Credit: mehaniq41 – stock.adobe.com)

Workday, NetSuite and SuccessFactors sessions targeted by malicious Chrome extensions

Laura FrenchJanuary 20, 2026

Five related extensions were found to steal cookies and block platform security pages.

Threat Intelligence

How Gootloader uses malformed ZIP archives to evade detection

Laura FrenchJanuary 16, 2026

7zip and WinRAR fail to extract the archive’s contents, while the Windows default tool easily opens it.

The word "cybercrime" is illuminated in a red on a computer keyboard

Security Operations

Microsoft takes down cybercrime subscription service RedVDS

Steve ZurierJanuary 15, 2026

Virtual cybercrime subscription service stole $40 million in the U.S. alone.

Fast Five

Selected by the SC Media Editorial team every Tuesday.

Sign up now for the top five issues cybersecurity pros need to know this week.

Threat Management Events