Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

tanium

Understanding continuous threat exposure management (CTEM)

May 22, 2026 By Tanium In Tanium
Continuous threat exposure management, or CTEM, is a five-stage program framework for continuously reducing real-world security exposure. It builds on vulnerability scanning by adding risk-informed prioritization, validation of exposure conditions and control effectiveness, and cross-team mobilization to drive remediation.
Read Post

Episode 15 - The Right Eyes: Mythos, and the Future of Vulnerability Discovery

May 21, 2026 By Corelight In Corelight
The emergence of advanced large language models like Anthropic's Mythos represents an epochal shift in cybersecurity, fundamentally altering how zero-day vulnerabilities are surfaced and remediated. In this episode, host Richard Bejtlich sits down with Corelight Co-founder Greg Bell to analyze the security implications of this AI-driven bug explosion, highlighting recent AI-assisted vulnerability discoveries across infrastructure mainstays like FreeBSD and Firefox.
View Video
sophos

GitHub internal repositories breached

May 20, 2026 By Sophos X-Ops In Sophos
A malicious VS Code extension led to cloned private repositories, reportedly offered for sale on a criminal forum On May 19-20, 2026, GitHub confirmed a security incident affecting its own internal systems. A threat actor self-identifying as TeamPCP, also tracked as UNC6780, compromised an employee’s developer device by way of a malicious Visual Studio Code extension and used that foothold to clone roughly 3,800 of GitHub’s internal repositories.
Read Post
sophos

Sophos Firewall and Synchronized Security

May 20, 2026 By Chris McCormack In Sophos
Sophos Firewall and Synchronized Security Synchronized Security is a unique capability you won’t get anywhere else. If you look at what’s required to properly secure a modern network, it breaks down into three pillars: hardening, protection, and detection and response. Or another way to look at it: being equal parts proactive and reactive - or what you need to do before, during, and after an attack.
Read Post
Scanning the Threat: Why Aerospace Relies on Laser Inspection

Scanning the Threat: Why Aerospace Relies on Laser Inspection

May 20, 2026 By SecuritySenses In SecuritySenses
Aviation travel demands absolute safety records for every single commercial flight across the globe. Microscopic flaws inside an airplane fuselage can quickly grow into catastrophic hazards under heavy atmospheric pressure at high altitudes. Maintenance crews must track these hidden structural issues constantly to safeguard passengers on their daily journeys.
Read Post
sophos

WantToCry ransomware remotely encrypts files

May 19, 2026 By Sophos Counter Threat Unit Research Team In Sophos
SophosLabs analysts investigated WantToCry ransomware attacks that involved the threat actors abusing the Server Message Block (SMB) service for initial access and then exfiltrating files to attacker-controlled infrastructure for remote encryption. The detection surface is significantly reduced because WantToCry operates without local malware execution, and there is no post-compromise activity beyond exfiltrating files and rewriting them to disk.
Read Post

Sophos Firewall Config Studio: Migrate to Sophos Firewall

May 19, 2026 By Sophos In Sophos
A step-by-step tutorial on using Config Studio to convert configurations from supported third-party firewalls and import them into Sophos Firewall. Learn how to review migration results, fix flagged issues, and complete the process with confidence. Ask questions and get expert answers in the Sophos Community.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.