Hello, stay ahead with CISO Brief 🚀

🛡️Organizations frequently assume IT security models apply to operational technology, but the article argues that OT demands a different approach because systems have long lifecycles, limited patching, and pervasive third‑party dependencies. The core issue at scale is governance: consistent decision rights, escalation logic and shared accountability across distributed sites. Boards should focus on concrete OT scenarios, clarify whether governance is centralized or federated, and insist on independent assurance rather than tool debates. The piece frames OT resilience as a leadership and governance challenge, not merely a technical one.

🤖 Artificial intelligence is rapidly reshaping software development across planning, design, coding, testing, deployment, and maintenance. Download the May 2026 Enterprise Spotlight to learn how organizations can harness AI-enabled development to boost productivity and software quality.

🔒 Two former employees of incident response firms Sygnia and DigitalMint were each sentenced to four years in prison after pleading guilty to conspiring to obstruct commerce by extortion for acting as affiliates of the BlackCat (ALPHV) ransomware group between May and November 2023. Prosecutors say they paid a 20% share for access to BlackCat's ransomware and extortion platform and breached multiple U.S. companies, including medical and manufacturing firms; one Tampa medical device company paid $1.27 million after a $10 million demand. DigitalMint said the individuals were immediately terminated and their conduct was condemned by the company.

⚠️ A newly disclosed Linux kernel logic flaw dubbed Copy Fail (CVE-2026-31431) enables an unprivileged local user to write four deterministic bytes into the page cache of any readable file and gain root. Theori researchers published a 732-byte Python proof-of-concept and reported the bug to the kernel team in March; patches were committed in April. Until distributions publish updates — Arch has released a patch so far — CSOs should inventory multi-tenant and container hosts, monitor for privilege escalation, and apply fixes or temporary kernel parameters where feasible.

⚠ APRA warns that frontier AI models such as Claude Mythos pose a rapidly evolving cyber risk to the banking sector by enabling faster, more automated discovery of vulnerabilities. The regulator found governance often treats AI as “just another technology,” missing distinctive features like predictive behavior, adaptability, bias and data risks, and urged firms to accelerate vulnerability identification and remediation. APRA called for robust security testing of AI‑generated code and deeper assessment of major AI platforms to avoid attackers outpacing current patch cycles.

🛡️ Unit 42 identified 18 malicious browser extensions posing as GenAI productivity tools that deliver RATs, infostealers and MitM capabilities. These extensions intercept prompts, exfiltrate credentials and proxy HTTPS responses, often using AI-generated code to accelerate development. Organizations should restrict extensions, scrutinize permissions and treat browsers as critical attack surfaces. Google removed or warned developers after disclosure.

🔔 AWS Outposts racks now publish the LagStatus Amazon CloudWatch metric so operators can monitor Link Aggregation Group (LAG) connectivity directly from CloudWatch. A metric value of 1 denotes the LAG is operational and forwarding traffic, while 0 indicates it is down. The metric is available in all AWS commercial Regions and both AWS GovCloud (US-East and US-West) Regions where Outposts racks are supported. Use it with existing VifConnectionStatus and VifBgpSessionState metrics to isolate LAG, VIF, or BGP problems quickly.

🖥️ Amazon ECS Managed Instances now exposes NVIDIA GPU metrics through CloudWatch Container Insights with enhanced observability. Customers can monitor GPU capacity, utilization, memory usage, device-level hardware health, and thermal conditions for containerized workloads. The metrics are available in all commercial AWS Regions; to use them, enable Container Insights with enhanced observability and launch GPU-accelerated EC2 instance types via an ECS Managed Instances capacity provider.

🔵 Bluekit is a newly observed phishing kit that bundles more than 40 templates targeting services such as Outlook, Gmail, Yahoo, ProtonMail, iCloud, GitHub and Ledger. It includes an AI Assistant panel supporting models like Llama, GPT‑4.1, Claude, Gemini and DeepSeek to help draft campaign copy. Varonis found the assistant produces scaffold-like outputs that require cleanup. The platform centralizes domain purchase, phishing page setup, campaign management, granular anti-analysis controls and real-time victim session monitoring, with stolen data exfiltrated via Telegram.

📈 Amazon MQ for RabbitMQ now includes the Prometheus plugin on RabbitMQ 4.2 brokers, providing a native Prometheus-compatible metrics endpoint. You can scrape broker, queue, and connection metrics from the /metrics, /metrics/detailed, and /metrics/memory-breakdown endpoints in Prometheus text format. AWS also publishes a curated subset of these metrics to CloudWatch. The plugin is enabled by default in all Regions where Amazon MQ is available.

🔐 Hazel Burton summarizes Cisco Talos' Year in Review and outlines five critical priorities for defenders facing an increasingly automated threat landscape. While AI and accessible exploit code have lowered the barrier for attackers, adversaries still follow predictable patterns and reuse infrastructure, producing detectable anomalies. Defenders should treat identity infrastructure as a top-tier asset, secure MFA workflows with strict verification, prioritize patching by internet exposure, hunt long-tail legacy risks, and apply enhanced monitoring to management-plane systems to focus detection on anomalous post-login behavior and reduce alert fatigue.

🔐 Microsoft is open-sourcing the firmware, drivers, and software stack for the Azure Integrated HSM, a tamper-resistant hardware security module built into new Azure servers and engineered to meet FIPS 140-3 Level 3. The move, announced at the OCP EMEA Summit, includes publishing validation artifacts and launching an OCP workgroup to guide ongoing development. Azure says the HSM protects keys in hardware so they never appear in host or guest memory, reducing classes of exfiltration attacks, and will be available in Azure V7 VMs globally in the coming weeks.

🚨 A Romanian national, Thomasz Szabo, was sentenced to four years in U.S. federal prison after pleading guilty to conspiracy and threats involving explosives. Extradited from Romania in November 2024, Szabo led an online swatting community that organized bomb threats and swatting calls beginning in late 2020 and targeting more than 75 public officials, journalists, and religious institutions. The court also ordered three years of supervised release.

🔐 Amazon Bedrock AgentCore Identity now supports On-Behalf-Of (OBO) token exchange, enabling developers to build agents that securely access protected resources on behalf of authenticated users without additional consent flows. The OBO exchange issues a new, scoped-down access token that carries both the user and agent identities, granting just-in-time, least-privilege access to outbound services. This capability is generally available in 14 AWS Regions.

🔒The FBI warned transportation and logistics firms of a marked increase in cyber-enabled cargo thefts, estimating losses in the U.S. and Canada could reach nearly $725 million in 2025. Criminals are using phishing, typosquatting domains, and account compromise to post fraudulent load listings and impersonate carriers, rerouting high-value shipments. The bureau urged multi-factor authentication, dual-channel verification of shipment requests, and reporting incidents to IC3 and local law enforcement.

⚠️ A supply chain attack delivered two malicious PyPI releases of PyTorch Lightning (versions 2.6.2 and 2.6.3) published on April 30, 2026; the packages execute automatically on import to harvest credentials. The malicious build hides a _runtime directory with a downloader that fetches the Bun JavaScript runtime and runs an obfuscated 11MB payload that validates GitHub tokens against the api.github[.]com/user endpoint and injects worm-like commits across writable branches. The threat also tampers with local npm packages by adding postinstall hooks, incrementing patch versions, repacking .tgz files, and enabling accidental republishing back to npm. PyPI has quarantined the project; maintainers are investigating, and users should block the affected releases, downgrade to 2.6.1, and rotate any exposed credentials.

🔒 Ukrainian authorities have arrested three suspects accused of compromising more than 610,000 accounts on the online gaming platform Roblox. Investigators say the group used social engineering lures that delivered infostealer malware to harvest usernames, passwords and authentication tokens, then assessed accounts for rare items and Robux. At least 357 high‑value accounts were identified and sold on Russian websites for cryptocurrency, reportedly generating over $225,000. Searches at ten properties recovered computers, storage devices, mobile phones, bank cards, handwritten notes and cash; analysis is ongoing and the suspects face up to 15 years if convicted.

🔒 At Next '26 Francis deSouza framed Google Cloud's direction as preparing enterprises for an agentic future, positioning the platform as AI‑native, open, and secure. He argued that multicloud and multi‑AI are essential for resilience and highlighted AI-driven SOC automation outcomes including a 90% reduction in mitigation time and Triage and Investigation tasks collapsed from 30 minutes to 60 seconds using Gemini. The integration of Wiz was presented as a way to secure self‑hosted and multicloud AI lifecycles, while a new whitepaper and the Gemini Enterprise Agent Platform outline governance, prompt sanitization, and agent identity controls.