< ciso
brief />
Telegram

Hello, stay ahead with CISO Brief 🚀

Every day the cybersecurity world moves fast — new incidents, evolving AI risks, changing regulations, and critical vendor updates. We cut through the noise to deliver only what matters most for your business and security strategy.

CISO Brief brings you a daily digest of high-signal news: major breaches, hyperscaler security releases, AI and compliance shifts, and the latest threat intelligence — all in one concise update.

Built for CISOs, CTOs, and architects, our goal is to save you time, reduce distraction, and keep you always on pulse with the risks and opportunities that shape tomorrow.

👉 Join our Telegram channel for your daily update — stay informed, stay ready.

Cybersecurity News Digest — Daily Briefings

Latest News

all posts →

French government’s Tchap messaging breach disclosed

🔒 The French government’s secure messaging platform, Tchap, was breached after an intruder took over a user account, according to DINUM. The agency blocked the compromised access and is investigating the extent of exposed information. While encryption was not broken, public chat rooms are unencrypted and the intruder reportedly accessed thousands of messages and files. DINUM reminded users that public rooms are visible to any account and should not contain sensitive content.
Data BreachAccount TakeoverNews
read more →

Fortinet and MITRE CTID Strengthen Threat-Informed Defense

🔍 Fortinet highlights its role as a research partner with the MITRE Center for Threat-Informed Defense (CTID), contributing threat intelligence, operational expertise, and research to practical R&D projects. The CTID impact report (2019–2025) demonstrates collaborative efforts to map adversary behavior to detection, controls, and cloud security. Fortinet’s contributions focus on operationalizing ATT&CK-based frameworks, improving detection quality, and advancing program maturity across cloud, identity, and AI-driven workflows.
FortinetMITRE ATT&CKThreat Intelligence
read more →

International takedown of AudiA6 crypto laundering service

🔎 An international law enforcement operation dismantled the AudiA6 cryptocurrency laundering service, suspected of moving more than €336m for ransomware gangs and other cybercriminals between 2022 and 2025. The probe identified an industrial-scale laundering scheme that used thousands of stolen identities and money mules to obfuscate funds. Arrests, domain seizures and frozen crypto followed coordinated actions across Europe, the US and Georgia.
RansomwareCryptojackingCybercriminal
read more →

Public Sector Security: AI as the New Battlefield

🛡️ At Check Point Engage Public Sector 2026, leaders and practitioners convened to examine how AI is transforming cyber defense and offense for government organizations. Panels highlighted that AI enables automated, fast, and scalable attacks while also becoming core infrastructure for missions. Speakers urged a shift from reactive models to proactive, prevention-first strategies, emphasizing visibility, governance, and workforce controls to secure AI adoption.
Check PointAI SecurityAI Governance
read more →

GitHub’s npm v12 Changes Aim to Harden Supply Chain

🛡️ GitHub announced npm v12 will flip three permissive defaults to opt-in behavior to reduce software supply chain risk. Starting July 2026, npm will block install scripts, Git dependencies, and remote URL-sourced packages by default. Developers can upgrade to npm 11.16.0+ to receive warnings and use npm approve-scripts to build local allowlists in package.json. Experts praise stronger defaults but warn attackers may shift to private registries and maintainers may approve scripts to avoid build friction.
GitHubSoftware Supply Chain SecurityDependency ManagementSupply Chain Vulnerability
read more →

Open Knowledge Format: Portable AI Knowledge Standard

📘 Today Google Cloud introduces the Open Knowledge Format (OKF), an open, vendor-neutral specification that formalizes the LLM-wiki pattern into a portable directory of markdown files with YAML frontmatter. OKF v0.1 defines a small set of conventions so different producers’ wikis can be consumed by agents without translation. The spec is intentionally minimal — one required type field per concept — and is accompanied by reference producer and consumer implementations and sample bundles.
Google CloudLLM SecurityAgent SecurityAI Governance
read more →

Agentjacking: AI coding agents tricked into execution

🛡️ Cybersecurity researchers at Tenet Security disclosed a new attack class called Agentjacking that tricks AI coding agents into executing arbitrary code. The exploit leverages Sentry's public DSN and its MCP interaction to inject crafted error events, which agents like Claude Code and Cursor interpret as trusted resolution steps. Successful exploitation can expose sensitive data and run code with developers' privileges.
ClaudeAI Agent HijackingAgent SecurityPrompt Injection Attack
read more →

Microsoft fixes WUSA update failures in June patch

🔧 Microsoft fixed a known issue causing Windows updates released since May 2025 to fail when installed via the Windows Update Standalone Installer (WUSA) from a network share. The bug affected enterprise Windows 11 24H2/25H2 and Windows Server 2025 devices when multiple .msu files were present on a network share, producing ERROR_BAD_PATHNAME. Microsoft mitigated the issue for home and non-managed business devices in September 2025 and delivered a full fix in the June 2026 cumulative updates (KB5079391, KB5094125).
MicrosoftPatch TuesdayPatch Management
read more →

Debating a Sovereign AI Wealth Fund for Public Good

📝 The authors critique Senator Bernie Sanders’s proposal for a US sovereign wealth fund that would take large equity stakes in AI firms. They agree on the need for public influence and redistribution of AI-generated wealth but warn public ownership can entangle government incentives with corporate profit. Instead, they recommend taxation (e.g., datacenter or AI token taxes) and a public AI option like Switzerland’s Apertus to promote transparency, sustainability and democratic control.
AI GovernanceAI Compliance
read more →

Rethinking MDR as Attackers Use AI at Scale

🛡️ For years MDR filled a real gap by providing 24/7 human triage when teams were understaffed, but the modern threat landscape has outpaced that model. AI-powered attackers, expanded attack surfaces, and high alert volumes mean roughly 60% of alerts go unreviewed and low-severity alerts can hide real breaches. The article argues AI-driven SOCs that automate forensic-depth investigation, close the loop into detection engineering, and align pricing to endpoint counts are required to restore coverage and scalability.
MDRSOCAI SecurityAlert Fatigue
read more →

Cyber Threats Escalate Against Sports Organizations

🔒 Darktrace research reveals that 84% of sports organizations — including teams, venues and event bodies — were targeted by cyber-attacks in the last year, with 57% hit multiple times. The report highlights threats to stadium operations, fan data and supply chains, noting elevated phishing and AI-enabled social engineering. Experts urge a behavioral security approach focused on human and AI behavior to reduce high-profile disruption risks.
DarktracePhishingAI Security
read more →

Novo Nordisk discloses clinical trial data breach

🔒 Novo Nordisk disclosed an unauthorized access incident affecting internal IT systems and pseudonymized patient data from some clinical trials. The breach exposed trial participant IDs and health, biomarker, lifestyle, and demographic details, while the company says direct identifiers were not accessed. Healthcare professionals' contact details were also compromised, prompting warnings about phishing and impersonation risks. Novo Nordisk has isolated affected systems, engaged external cybersecurity experts, and is investigating the scope and impact.
Data BreachSensitive Data ExposurePhishing
read more →

Study: Prompt Injection Undermines AI Web Agents

🔍 New research finds current AI web agents largely fail to defend against prompt injection attacks. The StakeBench benchmark tested GPT‑5 and Gemini‑powered agents across realistic web scenarios, revealing high success rates for both direct and indirect injections and exposing failure modes like stealthy parasitism and misaligned disruption. Results show vulnerabilities vary by stakeholder and agent architecture.
Prompt Injection AttackAI Agent HijackingGeminiChatGPT
read more →

Critical LangGraph flaw chain risks remote code execution

🔒 Researchers disclosed three patched vulnerabilities in LangGraph, including a critical SQL injection and unsafe deserialization chain that could enable remote code execution in self-hosted deployments. LangGraph is an open-source framework from LangChain for building stateful, multi-agent AI applications. Check Point and researcher Yarden Porat reported the issues, which affect SQLite and Redis checkpointers but not LangChain's managed LangSmith service.
LangGraphSQL InjectionInsecure DeserializationRemote Code Execution
read more →

AI Reveals Cybersecurity’s Missing Health Model

🩺 The author argues that cybersecurity has operated like an emergency room—reactive and crisis-driven—while AI exposes the need for a preventative, continuous-health model. Current frameworks (NIST, MITRE) describe controls and adversaries but not organizational health; the proposed Clinical Cybersecurity Framework treats the enterprise as a living system with vital signs, continuous monitoring, and governance for new risks like AI. This shift reframes the CISO role toward reporting condition and building adaptive capacity.
AI GovernanceAI Risk ManagementNIST CSFMITRE ATT&CK
read more →

Google sues to dismantle AI-powered scam networks

🛡️ Google is taking legal, technical, and legislative steps to disrupt large-scale AI-enabled phishing and smishing campaigns. The company filed a civil lawsuit against the China-based “Outsider Enterprise,” coordinated with the FBI and telecom partners to block malicious texts, and is advocating bipartisan federal legislation to strengthen protections. Google also leverages AI-driven detection on Android and messaging defenses to intercept malicious messages at scale.
GooglePhishingSmishingAI Security
read more →

CISA orders three-day patch for Ivanti Sentry flaw

🔒 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to patch an actively exploited Ivanti Sentry flaw (CVE-2026-10520) within three days under Binding Operational Directive BOD 26-04. The vulnerability, an OS command injection in Ivanti's security gateway appliance, has been confirmed exploited and added to CISA's Known Exploited Vulnerabilities Catalog. Shadowserver reports multiple Sentry gateways have already been backdoored and warns unpatched systems are likely compromised.
IvantiCommand InjectionZero-Day ExploitationCISA KEV
read more →

Preparing for quantum-era threats to current encryption

🔒 The article explains the growing reality of “harvest now, decrypt later” attacks, where adversaries steal encrypted data today to decrypt later with quantum computers. It summarizes industry and government perspectives, noting that most organizations underprioritize the risk despite emerging standards like NIST’s 2024 post-quantum algorithms and EU transition roadmaps. The piece reviews mitigation options — PQC, QKD, and the need for cryptoagility — and highlights examples from Spain and financial institutions planning phased transitions.
Post-Quantum CryptographyQuantum ComputingEncryption at Rest
read more →