Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Corelight

Extending the value of network evidence: Introducing Performance and Asset Visibility

Jun 17, 2026 By Tyler Hill In Corelight
Every packet flowing through a Corelight sensor contains both security-relevant data and performance-relevant data. Until now, Corelight has focused exclusively on extracting security value from network traffic: connection logs, protocol analysis, and threat detections. But the same traffic that reveals lateral movement also reveals TCP latency. The same DNS queries that surface potential C2 channels also reveal resolution timing.
Read Post
Corelight

Corelight Sensor v29.1 release highlights: Network evidence powers network operations

Jun 17, 2026 By Cynthia Gonzalez In Corelight
Corelight Sensor v29.1 and Fleet Manager v29.1.1 fundamentally expand what a Corelight Sensor delivers. The release turns existing network evidence into a shared source of truth for SecOps, NetOps, triage, and forensic investigation. Network performance monitoring and asset classification unlock new value from traffic you're already collecting.
Read Post
miniorange

RBAC vs. ABAC: Core Differences, Use Cases, & The AI Agent Era

Jun 17, 2026 By Pratish Ray In miniOrange
As organizations expand across cloud platforms, SaaS applications, remote teams, and AI-driven systems, managing access becomes more challenging. Security teams must ensure users, applications, and automated workflows can access the resources they need without exposing sensitive data or critical systems. This is where the RBAC vs ABAC discussion becomes important.
Read Post
mend

Mastra npm Scope Takeover: 140+ Packages Compromised via easy-day-js Dropper

Jun 17, 2026 By Alina Podoba In Mend
An attacker republished more than 140 packages in the @mastra npm scope, each carrying a single malicious dependency, easy-day-js. The malicious versions were observed on 2026-06-17. easy-day-js is a typosquat of the dayjs date library: version 1.11.21 is the clean prior release with no install hook, while version 1.11.22 adds an obfuscated postinstall dropper.
Read Post
kroll

The Deep Dive: Kroll's Analysis of the GARUDA C2 Malware

Jun 17, 2026 By Kroll In Kroll
Kroll identified a cross-platform malware framework, dubbed GARUDA C2, that uses public code-hosting platforms like GitHub for staging, redundancy and command distribution across Windows, macOS and Linux. Analysis links the campaign to an India-based operator supported by Hindi-language development artifacts, build logs, infrastructure indicators and evidence suggesting use of a locally hosted large language model (LLM) to accelerate malware development.
Read Post
nakivo

VMware ESXi Networking Concepts

Jun 17, 2026 By NAKIVO Team In NAKIVO
For connecting physical servers and computers to a network, you need physical network adapters, switches, and routers. With virtual machines, virtual network concepts are used for communication between the different components of an infrastructure. The proper configuration of ESXi networking on a host is critically important to the configuration of any ESXi environment. Generally, ESXi host networks include storage, vMotion, VM, and management networks.
Read Post
aikido

Over 140 popular Mastra npm Packages Hit by Supply Chain Attack

Jun 17, 2026 By Ilyas Makari In Aikido
On June 17th we detected a large-scale supply chain attack targeting the entire @mastra npm scope, a popular open-source AI agent framework. An attacker republished 141 packages in a burst between 01:15 and 02:00 UTC, silently injecting a malicious dependency into every one of them. The affected packages include @mastra/core, which has 918K weekly npm downloads, as well as mastra and create-mastra.
Read Post
teramind

The 10 Best User & Entity Behavior Analytics (UEBA) Tools

Jun 17, 2026 By Taran Soodan In Teramind
User and entity behavior analytics (UEBA) tools are essential cybersecurity solutions, helping organizations to detect anomalous activities and hidden threats. In this article, we explore the top 10 UEBA tools on the market today. You’ll learn about their key features, use cases, pricing, and customer experiences.
Read Post
How a Managed Security Service Provider Drives Smarter IT Solutions

How a Managed Security Service Provider Drives Smarter IT Solutions

Jun 17, 2026 By SecuritySenses In SecuritySenses
For most growing businesses, trying to keep up with technology while also defending against hackers feels like a never-ending battle. Internal IT teams usually get buried under daily tech support tickets, which leaves them with no time to plan for the future or stop threats before they happen. This is where a managed security service provider (MSSP) makes a real difference. They help you move away from just reacting to problems and toward a setup that's smart, secure, and ready to grow.
Read Post
How Businesses Reduce Costs Without Cutting Service Quality

How Businesses Reduce Costs Without Cutting Service Quality

Jun 17, 2026 By SecuritySenses In SecuritySenses
Every business faces the challenge of managing costs. Whether it's a small local company or a large organization with multiple locations, operating expenses have a direct impact on profitability and long-term sustainability. However, cutting costs can be risky when it affects the customer experience. Reduced service quality often leads to dissatisfied customers, lower retention rates, and damage to a company's reputation.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.