Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

securonix

Deep#Door Stealer: Stealthy Python Backdoor and Credential Stealer Leveraging Tunneling, Multi-Layer Persistence, and In-Memory Surveillance Capabilities

Apr 29, 2026 By Akshay Gaikwad, Shikha Sangwan, Aaron Beardslee In Securonix
Securonix Threat Research analyzed a stealthy Python-based backdoor framework, dubbed Deep#Door, which uses an obfuscated batch loader to deploy a persistent surveillance and credential-stealing implant on Windows systems.
Read Post
upguard

MCP: The AI Protocol Quietly Expanding Your Attack Surface

Apr 29, 2026 By Shane Moosa In UpGuard
In February 2026, researchers uncovered something that should give every security leader pause. A malware operation called SmartLoader, previously known for targeting consumers who downloaded pirated software, had completely pivoted its infrastructure. SmartLoaders new target was developers, and its new entry point was a protocol most security teams had never heard of. The payload delivered to victims: every saved browser password, every cloud session token, every SSH key on the machine.
Read Post
upguard

The Shadow Supply Chain: A Pivot To Usage-Based Discovery

Apr 29, 2026 By Shane Moosa In UpGuard
We’ve established the new forensic reality: a massive 72.9% inventory gap exists between the vendors you monitor and those invisible to your security. We have seen the shortcomings of SSO and its inability to holistically monitor all the vendor applications your users engage with, along with a Shadow AI explosion that is compounding both issues. The era of procurement-only discovery is over. To secure the modern cyber workforce, we must pivot from "buying-based" to usage-based discovery.
Read Post
upguard

1 in 15 MCP Servers are Lookalikes: Is Your Org at Risk?

Apr 29, 2026 By Shane Moosa In UpGuard
Researchers recently analyzed 18,000 Claude Code configuration files pulled from public GitHub repositories. What they found was straightforward and alarming: developers are already installing mistyped, misconfigured, and near-identical MCP server names — often without realizing it. The human-error condition that makes typosquatting work was already present at scale before any attacker needed to exploit it.
Read Post
nightfall

AI Agents are moving your sensitive data: Nightfall built a solution where DLP fails

Apr 29, 2026 By Chris Martinez In Nightfall
Somewhere in your environment right now, an AI agent is reading files, querying a database, and passing output through a channel your DLP has never seen. It's running under a legitimate user credential, inside a sanctioned tool, and it will not trigger a single alert. When it's done, there will be no record of what it accessed or where that data went. This is not an edge case. It is the default state of most enterprise environments in 2026.
Read Post
coralogix

The Security Trifecta: Operationalizing API Protection with AWS, Wallarm, and Coralogix

Apr 29, 2026 By Vadim Beregovsky In Coralogix
In the modern digital world, API’s are no longer just “connectors” – they are the real security product. Whether you are a Fintech processing payments, a SaaS platform managing multi-tenant data, or an E-Commerce giant handling the bulk of sales, your API’s are the foundation of your customer registration, checkout experiences, and partner ecosystems. However, that transition has made API’s the fastest-growing attack surface in history.
Read Post

Datadog MCP Server, Experiments, Bits AI Security Analyst, and more | This Month in Datadog

Apr 29, 2026 By Datadog In Datadog
April’s This Month in Datadog spotlights the Datadog MCP Server, which gives AI agents secure, real-time access to Datadog telemetry, and Datadog Experiments, which lets you design, launch, and analyze experiments to see the full impact of product changes on the user journey. Plus, we cover how to: Accelerate Cloud SIEM investigations with Bits AI Security Analyst Remediate vulnerabilities in your codebase with Bits AI Dev Agent for Code Security Explore Datadog with natural language using Bits Assistant.
View Video
vanta

Vanta crosses $300M in ARR as growth accelerates

Apr 29, 2026 By Vanta In Vanta
Accelerating security solutions for small businesses‍ Tagore offers strategic services to small businesses. A partnership that can scale‍ Tagore prioritized finding a managed compliance partner with an established product, dedicated support team, and rapid release rate. Standing out from competitors‍ Tagore's partnership with Vanta enhances its strategic focus and deepens client value, creating differentiation in a competitive market.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.