惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

有赞技术团队
有赞技术团队
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
aimingoo的专栏
aimingoo的专栏
IT之家
IT之家
G
Google Developers Blog
爱范儿
爱范儿
博客园 - 司徒正美
Recent Announcements
Recent Announcements
The Register - Security
The Register - Security
J
Java Code Geeks
The Cloudflare Blog
M
MIT News - Artificial intelligence
Apple Machine Learning Research
Apple Machine Learning Research
Microsoft Security Blog
Microsoft Security Blog
博客园 - Franky
雷峰网
雷峰网
酷 壳 – CoolShell
酷 壳 – CoolShell
Blog — PlanetScale
Blog — PlanetScale
Vercel News
Vercel News
宝玉的分享
宝玉的分享
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
B
Blog
小众软件
小众软件
Microsoft Azure Blog
Microsoft Azure Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
WordPress大学
WordPress大学
T
Troy Hunt's Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
H
Hacker News: Front Page
H
Help Net Security
S
Security @ Cisco Blogs
V
V2EX
Security Archives - TechRepublic
Security Archives - TechRepublic
Stack Overflow Blog
Stack Overflow Blog
O
OpenAI News
L
LINUX DO - 最新话题
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
S
Secure Thoughts
Help Net Security
Help Net Security
F
Full Disclosure
博客园 - 叶小钗
The Hacker News
The Hacker News
Spread Privacy
Spread Privacy
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Jina AI
Jina AI
K
Kaspersky official blog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
V
Vulnerabilities – Threatpost
P
Privacy International News Feed
Scott Helme
Scott Helme

Cybersecurity Dive - Latest News

Dozens of Red Hat npm packages targeted in supply chain attack Turning tension into collaboration: How CIOs and CISOs can lead together Trump signs EO seeking early government access to powerful AI models Anthropic shares Mythos with 150 more organizations, including critical infrastructure operators Without strong governance, companies put credit ratings at risk in AI era CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation How Canva scaled to 260+M users while elevating security and productivity Top 4 data security best practices for the AI-enabled enterprise CISA urges security teams to check for software development compromises How CISOs can manage sovereign-cloud security risks IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities Enterprise data is creeping its way into shadow AI tools Coordinated operation takes down Glassworm botnet Leading AI models are more vulnerable to malicious prompts than vendors claim Iranian government, not hacktivist group, breached LA Metro system, security firm says FBI warns about PhaaS platform used to access Microsoft 365 environments Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages New York regulator calls for additional cyber mitigation amid heightened threat environment CISA asks cybersecurity community to alert it to vulnerability exploitation Grafana Labs links GitHub environment breach to TanStack npm supply chain attack 7-Eleven hit by data breach Microsoft disrupts cybercrime operation that hid behind legitimate software Compromised coding tool helped hackers breach thousands of GitHub repositories Telecom sector launches its own private ISAC Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN Grafana Labs says hacker gained access to codebase through leaked token How a government contest launched a revolution in AI-based bug hunting Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller More money is going to physical security, but it’s often CISOs that oversee it: EY Frontier AI models reap rapid discovery of security vulnerabilities West Pharmaceutical starts restoring operations after ransomware attack Foxconn confirms cyberattack affecting some North American facilities OpenAI launches Daybreak to combat cyber threats Canvas owner reaches ‘agreement’ with threat actors after data breach Guardrail Technologies launches Traffic Light for Code & AI™; first security technology to verify & secure AI code and the people creating it Identity takes center stage as a leading factor in enterprise cyberattacks AI and an absent government: Takeaways from RSAC 2026 Second Canvas data breach causes major disruptions for schools, colleges AI used to develop working zero-day exploit, researchers warn New cybersecurity industry alliance aims to lead US critical infrastructure protection Identity is the new perimeter as rapid NHI proliferation threatens visibility and control Instructure confirms cybersecurity incident Anthropic’s Claude used in attempted compromise of Mexican water utility Businesses hide vast majority of ransomware attacks, report finds Palo Alto Networks warns state-linked cluster behind zero-day exploitation Businesses eager but unprepared for AI to transform their security strategies Iran-sponsored threat group behind false flag social engineering campaign NIST will test three major tech firms’ frontier AI models for cybersecurity risks Trellix investigating breach of source code repository CISA urges critical infrastructure firms to ‘fortify’ before it’s too late Critical vulnerability in cPanel leads to widespread exploitation New MOVEit vulnerabilities prompt urgent patch warning How OpenClaw’s agent skills become an attack surface White House questions tech industry on defensive AI use, cybersecurity resilience As email phishing evolves, malicious attachments decline and QR codes surge US and allies urge ‘careful adoption’ of AI agents PwC partners with Google Cloud to take on the managed security market US agencies promote zero-trust practices for operational technology networks CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog State CISOs losing confidence in ability to manage cyber risks ‘Fundamental tension’ undermines manufacturers’ cybersecurity North Korea-linked actor targets Web3 execs in social-engineering campaign US, UK authorities warn that Firestarter backdoor malware survives patching Major critical infrastructure supplier reports cyberattack When security becomes the attack surface: Why endpoint protection must evolve Hasbro expects March cyberattack to impact second-quarter revenue AI-written software creates hassles for wary security teams Iran-nexus threat groups refine attacks against critical infrastructure China disguises cyberattacks with ‘covert network’ botnets, US and allies warn Trump’s CISA director pick withdraws after tumultuous nomination Phishing — sometimes with AI’s help — topped initial-access methods in Q1, Cisco says Microsoft SharePoint vulnerability widely exposed across multiple countries CISA urges security teams to view environments following axios compromise Big banks seek to ease security worries as AI push accelerates CISA confirms exploitation of 3 more Cisco networking device vulnerabilities Stellantis teams with Microsoft to strengthen digital capabilities Vulnerability exploitation surges often precede disclosure, offering possible early warnings Vercel systems targeted after third-party tool compromised Beyond IT: Cybersecurity is a strategic business risk TP-Link routers face exploitation attempt linked to high-severity flaw US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms CIOs fret over rising security concerns amid AI adoption CISA cancels prestigious summer internships, citing government shutdown NIST limits vulnerability analysis as CVE backlog swells Medium-severity flaw in Microsoft SharePoint exploited FCC exempts Netgear from foreign router ban FCC signals continued commitment to Cyber Trust Mark program Brute-force cyberattacks originating in Middle East surge in Q1 CISOs see gaps in their incident response playbooks US, Indonesia shut down ‘sophisticated’ phishing kit Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign Stryker warns of earnings fallout from March cyberattack NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure Iran-linked hackers target water, energy in US, FBI and CISA warn React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data Olympic Games, FIFA World Cup offer huge platforms, rich cyberattack surface Threat cluster launches extortion campaign using social engineering CISA’s vulnerability scans, field support on chopping block in Trump budget
MSPs need AI to fight AI-fueled cyberthreats: Guardz
Kelly Teal, · 2026-05-15 · via Cybersecurity Dive - Latest News

Even as AI accelerates cyberattacks against small and midsize businesses, attackers continue to exploit familiar weaknesses, according to a Guardz research report. The cybersecurity platform provider analyzed telemetry across MSP-managed SMB environments from September 2025 through February 2026. 

The findings point to a growing new challenge for MSPs, VARs, systems integrators and other channel partners serving SMBs: attackers are using AI to scale old tactics faster than human-led security operations can respond.

“Threat data shows that entry points haven’t changed; attackers are still getting in through identity gaps, weak controls, and misconfigurations, just faster and at greater scale,” said Dor Eisner, CEO and co-founder of Guardz, in a release accompanying the report. “What determines outcomes now is how security is structured, whether signals across identity, email, endpoints, and cloud are connected and can be acted on in time.”

The most common points of entry for AI-backed breaches include identity gaps, weak authentication, misconfigured cloud environments and trusted IT tools. The data show how AI-fueled attacks are worsening an already tough situation.

Nearly 9 in 10 SMBs had at least one user with confirmed credential compromise at any given time. Close to one-third of businesses analyzed were exposed to compromised passwords monthly.

Session hijacking emerged as one of the fastest-growing identity threats. Incidents in which attackers bypassed MFA by stealing or replaying valid session tokens rose 23% over the 180-day observation period. The number of affected users nevertheless remained relatively stable, suggesting attackers aren’t widening their target pool but are deepening access inside already compromised accounts.

Non-human identities create another blind spot. In Microsoft 365 environments, machine identities now outnumber human users 25 to one, according to Guardz. Those service principals, OAuth applications, system accounts and managed identities often operate with elevated permissions and limited oversight, making them attractive targets for attackers seeking persistent access.

Cloud productivity environments are also under pressure. Guardz identified risks across Microsoft 365 tools, including SharePoint, Teams, OneDrive and Copilot. Anonymous SharePoint links, message exports, DLP violations and Teams app installs topped cloud security concerns for SMBs.

RMM vulnerabilities

Remote monitoring and management tool abuse, which hits a major MSP nerve, accounted for 26.2% of all threats. Hackers used ScreenConnect, AteraAgent and MeshAgent to gain persistent, unauthorized access, compromising MSP client portfolios. 

Guardz warned that attacks against the MSP supply chain are likely to intensify in the second half of 2026 as attackers increasingly impersonate legitimate RMM infrastructure.

Attackers are relying more heavily on living-off-the-land techniques rather than traditional malware, Guardz said. Ransomware behavioral detections surged 190% over a 50-day observation window, while malware detections declined 55% in the same period. 

Business email compromise is becoming more expensive, too. The cost of confirmed business email compromise incidents analyzed in 2026 ranged from $140,000 to $1.5 million, compared with an average requested wire transfer of about $40,000 in early 2025 broad-scale campaigns.

Inbox rules remain the top persistence mechanism in BEC attacks, according to Guardz. Attackers use those rules to redirect financial communications, delete security alerts and hide evidence of compromise. The report described a $1.5 million BEC scam involving thread injection, domain spoofing and a voice verification failure.

There is a silver lining to AI-driven detection and response that can help MSPs catch up with bad actors. AI tools achieved 92.4% detection accuracy compared with 67% for human analysts alone.

Disconnected tools, manual triage and periodic reviews no longer cut it, according to Guardz, MSPs need unified visibility across identity, email, endpoint and cloud environments, along with an AI-assisted response capable of operating at the same scale as attackers.

“That means leveraging AI the same way attackers are, at scale, across every client environment, simultaneously,” Eisner said in the release. “That gap is where MSPs either win or lose their clients’ trust.”