Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this week’s Weekly Brief: The Cyber Risk and Policy Edition, SecurityScorecard’s Director, Public Sector Channel Amanda Smith breaks down why the U.S. war with Iran is more than just what takes place on the physical battlefront. In 2026, as conflict unfolds in the Middle East, the digital battlefield has a direct impact on the homeland and U.S. critical infrastructure, too. “It's a global digital confrontation that hits a lot closer to home than a lot of people realize.”

Ready for the future of Third-Party Risk Management (TPRM)? The supply chain is a growing target, but you can fight back. That world is here with the transformative, threat-informed SecurityScorecard TITAN AI Platform. Imagine a world where you go beyond checking compliance boxes by actively mitigating and eliminating risk with continuous, AI-accelerated, and predictive TPRM that allows you to gain visibility and prioritize threats more effectively. Learn more about the TITAN transformation.

This is SecurityScorecard's Weekly Brief: The Adversary Insights Edition with SecurityScorecard's CISO Steve Cobb. Critical infrastructure security in the U.S. remains an important element of the ongoing conflict between the U.S. and Iran with Iranian-linked threat actors targeting US-based assets. Iranian threat actors have focused their efforts on the fastest methods of attack by searching for what Cobb calls “low hanging fruit” in critical infrastructure environments where many organizations have exposed systems.

This is SecurityScorecard's Weekly Brief: The CISO Edition with SecurityScorecard's CISO Steve Cobb. Is it time to retire the vendor questionnaire and annual assessment routines? Not quite, but following face-to-face customer interactions and many forward-thinking speaking sessions at RSAC 2026, CISO Steve Cobb emphasizes the importance of reducing risk for TPRM programs, which is not achieved by completing a third-party risk assessment checklist alone.

This is SecurityScorecard's Weekly Brief: the RSAC 2026 and TITAN AI Edition. This week, SecurityScorecard unveiled TITAN AI upon touchdown at RSAC 2026 in San Francisco. The new platform is pioneering the modern era of TPRM, leveraging AI, enhanced threat intelligence, and continuous monitoring to deliver measurable supply chain resilience to customers.

Over the past several weeks, OpenClaw and MaltBook have exploded across the headlines. Outlets have published stories about AI agents organizing themselves or even acting independently on Moldtbook. SecurityScorecard’s Jeremy Turner, VP of Threat Intelligence & Research and Anne Griffin, Head of AI Product Strategy discuss what OpenClaw is, how agentic AI works, and where the real security issues are based on new research from SecurityScorecard's STRIKE Threat Intelligence team.

SecurityScorecard's STRIKE Threat Intelligence team has uncovered tens of thousands of exposed OpenClaw instances, many of which are vulnerable to Remote Code Execution (RCE). These exposed OpenClaw instances leave users and organizations open to attacks. OpenClaw and other agentic AI tools are designed to take actions on a user’s behalf, interact with infrastructure, and move across connected services. That functionality is the appeal. It is also the risk for users around the globe.

AI agents aren’t taking over. But agentic AI without security is a real problem. Over the last few days, Moltbot and its social platform Moltbook have surged across headlines and social media. Some are calling it a glimpse of artificial general intelligence. Others say AI agents are organizing themselves. That’s not what’s happening. In this video, SecurityScorecard’s Jeremy Turner, VP of Threat Intelligence & Research, breaks down what Moltbot actually is, why this isn’t AGI, and where the real danger lives.

“150 companies account for 90% of the technology products and services across the global attack surface. 41% of those companies had evidence of at least one compromised device in the past year.” With organizations as interconnected as they are, even organizations who “have” good cybersecurity are only as good as their weakest link.

"When cyber risk is treated as an internal problem, governments miss where most modern attacks actually begin: in their vendors, their service providers, digital dependencies that sit outside their direct control." SecurityScorecard's Head of Public Policy Michael Centrella shares his key takeaways and insights from the latest World Economic Forum’s Global Cybersecurity Outlook 2026 which states a simple, clear truth: cyber risk no longer lives inside the firewall.