Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Network Blind Spot Adversaries Exploit

Feb 20, 2026 By CrowdStrike In CrowdStrike
Did you know there may be a blind spot in your network right now? Firewalls, routers, and edge devices often generate minimal logs by default, creating visibility gaps that adversaries can exploit. In this breakdown, we examine how a China-nexus threat group known as Operator Panda leveraged vulnerable network devices to gain access, establish persistence, and remain undetected even after patches were applied.
View Video

Outpacing Modern Adversaries with the CrowdStrike Agentic SOC

Feb 20, 2026 By CrowdStrike In CrowdStrike
Adversaries are weaponizing AI, accelerating tradecraft and moving from access to impact at machine speed. As breakout times collapse to seconds, security teams cannot rely on manual processes or static automation to keep up. Meet the CrowdStrike Agentic SOC, a new operating model built for the AI era.
View Video
teleport

From Zero Trust to SPIFFE: How to Secure Microservices with Istio and Teleport

Feb 20, 2026 By Jeff Ellin, Boris Kurktchiev In Teleport
This guide walks through how to deploy microservices with Zero Trust using SPIFFE identities, service mesh mTLS, and short-lived certificates. You’ll learn how to deploy a secure microservices application, configure default-deny authorization policies, and rebuild service connectivity with explicit SPIFFE-based allow rules.
Read Post
acronis

Partner-level vulnerability assessment and patch management for MSPs in Acronis RMM

Feb 20, 2026 By Alexey Sotnikov In Acronis
For MSPs, vulnerability assessment and patch management are challenging primarily because of scale. Every new customer adds another tenant to configure, monitor and maintain, which multiplies operational overhead and increases the risk of inconsistency. The newly released cross-tenant, partner-level vulnerability assessment and patch management in Acronis RMM is designed to break this pattern.
Read Post
aikido

What is Slopsquatting? The AI Package Hallucination Attack Already Happening

Feb 20, 2026 By Dania Durnas In Aikido
Typosquatting, registering a typoed version of a popular package and waiting for a developer to accidentally type and install the wrong package, has been around for a decade in npm. It’s nothing new— the registry has protections for it. Then AI came along and changed everything again. Slopsquatting is the new, AI flavor of typosquatting. Instead of betting on human typos, attackers bet on AI hallucinations, the package names that LLMs confidently recommend that don't actually exist.
Read Post
keeper

Replacing Password Sharing in Slack With Secure Access Workflows

Feb 20, 2026 By Ashley D'Andrea In Keeper
Many teams share credentials in Slack out of convenience, but this seemingly harmless habit introduces serious security and compliance risks. From accidental exposure to unauthorized access, sharing passwords in Slack can create major vulnerabilities across your organization. Keeper’s Slack workflow replaces risky password sharing in Slack with secure, Just-in-Time (JIT) access requests and approvals.
Read Post

Notepad++ Supply Chain Attack Explained | CrowdStrike OverWatch Identified It Months Early

Feb 20, 2026 By CrowdStrike In CrowdStrike
Your next software update could be weaponized. In this short breakdown, we examine how adversaries compromised the Notepad++ update mechanism to distribute malware and how CrowdStrike identified the activity four months before public disclosure.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.