Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

At the Milken Conference in May 2026, Robert F. Smith, founder and CEO of Vista Equity Partners, described a shift that every security leader should hear. Software, he said, has moved through three states: product, then service and now worker. "That agent, that software, actually does work." Companies that do not make the transition to software as a worker, he was blunt, risk being disintermediated entirely.

A new report from the US Federal Trade Commission (FTC) has found that Americans lost $2.1 billion in 2025 to scams that began on social media. Nearly 30% of people who reported losing money to a scam said it started on social media, far outpacing other modes of contact.

It's getting harder to distinguish legitimate emails from malicious ones as phishing messages mimic real conversations, use trusted domains and increasingly leverage AI to scale and refine attacks. This shift is forcing organizations to rethink how they approach email security. Static controls that rely on known indicators can't keep up with threats that are evolving daily. To close that gap, teams need email security systems with integrated threat intelligence feeds.

Researchers at Bitdefender are tracking 40 separate SMS phishing (smishing) campaigns impersonating transport authorities, toll operators, and parking services around the world. The researchers have observed more than 79,000 scam text messages with over 29,000 unique variants. The attacks are targeting users in multiple languages. “These scam messages are designed to create a sense of urgency and pressure drivers into acting quickly,” the researchers write.

The launch of platforms like Moltbook, OpenClaw, and RentAHuman in early 2026 has provided an unsettling glimpse into the future. We are entering a phase of the digital workplace where AI agents no longer just assist us, they interact with one another, act autonomously in the physical world, and even hire humans for manual labor. In this environment, the traditional lines of control and agency are being redrawn.

Researchers at Bitdefender warn that Netflix-themed phishing attacks can have far-reaching consequences if users follow poor security practices. While Netflix is generally associated with a user’s personal life, phishing attacks targeting personal accounts can put users’ employers at risk. “Your Netflix account is just the starting point. It’s not the final target,” Bitdefender says. “Most people reuse passwords across multiple platforms.

A major phishing operation is targeting soccer/football fans ahead of the 2026 FIFA World Cup, which begins in June, according to researchers at Flare. The attackers have set up at least 79 phishing sites impersonating the official FIFA website.

This Anti-Ransomware Day, it's important to recognize the ever-changing landscape of cyber threats and how organizations can fortify their defenses. The evolution from traditional ransomware to cyber extortion over the last few years reflects a professionalized, decentralized ecosystem. To arm your organization against this danger, understanding the current landscape and implementing robust defense strategies is essential.

The Asia-Pacific and Japan (APJ) region, with its dynamic economic growth and technological advancements, presents unique challenges and opportunities in the realm of human risk management and agentic risk management, particularly within the financial services sector. As financial institutions strive to protect themselves from increasing cyber threats, they must align their security practices with the regulations set forth by central banks across the countries.

The Philippines, like many other nations, is witnessing a dramatic increase in cyber threats, fueled by the rapid adoption of digital technologies and the proliferation of sophisticated cybercriminals. This article examines the evolution of cyber threats in the Philippines, with a focus on phishing, email security and the risks posed by agentic AI.