< ciso
brief />

Hello, stay ahead with CISO Brief 🚀

Every day the cybersecurity world moves fast — new incidents, evolving AI risks, changing regulations, and critical vendor updates. We cut through the noise to deliver only what matters most for your business and security strategy.

CISO Brief brings you a daily digest of high-signal news: major breaches, hyperscaler security releases, AI and compliance shifts, and the latest threat intelligence — all in one concise update.

Built for CISOs, CTOs, and architects, our goal is to save you time, reduce distraction, and keep you always on pulse with the risks and opportunities that shape tomorrow.

👉 Join our Telegram channel for your daily update — stay informed, stay ready.

Cybersecurity News Digest — Daily Briefings

20 Questions to Guide an Agentic Enterprise Strategy

🤖 This post introduces the Gemini Enterprise Agent Platform and offers 20 practical questions for IT and engineering leaders to consider when building AI agents. It covers who builds agents, which development tools to use, how to connect data and other agents, strategies for scaling, and methods for securing execution and preserving context. The article pairs guidance with recommended Google tools like ADK, Antigravity, Agent Runtime, MCP, A2A, and Agent Studio.
read more →

State of AI Infrastructure: Key Findings 2026

🧭 This Google Cloud blog summarizes findings from a survey of over 1,400 IT leaders showing a widening gap between AI ambitions and existing infrastructure. It explains why agentic AI stresses legacy systems and highlights needs for fluid compute, unified data layers, hybrid deployments, and energy-efficient co-designed silicon like TPU 8t. The post also promotes Google Cloud’s AI Hypercomputer and governance solutions such as Agent Gateway.
read more →

Top BGP Route Policy Uses by Customer Demand

🛡️ Cloud Router's BGP route policies give administrators programmatic control to filter, modify, and propagate routes using CEL expressions. Customers now use these policies to enforce strict route filtering, implement traffic steering via MED and AS-PATH prepending, and achieve stateful traffic symmetry through BGP community tagging. Policy named sets simplify managing large lists of prefixes and communities across multiple routers.
read more →

Publishing AI Agents to Gemini Enterprise and Marketplace

đź§­ This guide explains how to build, register, and commercialize AI agents as Agents-as-a-Service (AaaS) for deployment in the Gemini Enterprise app and Google Cloud Marketplace. It details required artifacts like the A2A Agent Card, authentication options including OAuth and Dynamic Client Registration (DCR), and the integration points for procurement, billing, and entitlement management. The article also outlines the seller journey, testing, and the end-to-end procurement and registration lifecycle across Billing Administrator, Discovery Engine Administrator, and end-user roles.
read more →

China‑Aligned Cluster Exploits Roundcube Mail Servers

đź”’ New research from Proofpoint identified a suspected China-aligned cluster, tracked as UNK_MassTraction, exploiting vulnerable Roundcube webmail instances at US and Canadian universities. The attackers targeted physics and engineering departments using known Roundcube vulnerabilities to steal credentials, deploy webshells and establish persistent access. The campaign leveraged malicious JavaScript (IceCube) and exploited CVE-2025-49113 to load the VShell backdoor in memory, enabling lateral movement and espionage-focused intrusions.
read more →

Spain arrests suspected member of pro‑Russian hacktivists

🛡️ Spain's National Police arrested a man suspected of active roles in the pro‑Russian hacktivist groups CyberArmy of Russia Reborn and Z‑Pentest. Authorities say he provided logistical and operational support to a CARR-linked Ukrainian hacker and attempted to facilitate the hacker’s escape to Russia. Investigators seized computers and cryptocurrency devices during a March 2026 raid and froze wallets tied to stolen data sales. The suspect is under investigation for alleged links to terrorist group membership, glorification of terrorism, and computer damage.
read more →

GitLost: Public Issue Can Exfiltrate Private GitHub Data

đź”’ Researchers at Noma Security demonstrated that a crafted public GitHub issue can manipulate GitHub Agentic Workflows into exposing private repository contents. The attack, named GitLost, exploits indirect prompt injection to trick an agent with organization-wide read access into pulling private data and posting it publicly. GitHub's preview feature for agentic workflows includes guardrails, but Noma showed a minor wording change can bypass them. The core problem is architectural: agents with standing credentials that read untrusted input and can post outward create persistent leakage risk.
read more →

GitHub Actions attack pattern that eludes CI scanners

🛡️ In June 2026, Novee Security disclosed "Cordyceps," a CI/CD composition weakness across thousands of high-impact repositories that flagged 654 and confirmed 300+ exploitable cases. The issue stems from how GitHub Actions events like pull_request_target and workflow_run execute with elevated privileges and can be tricked into running attacker-controlled content. Each workflow file appears valid, so SAST/DAST tools miss the cross-file composition that enables command, code injection and cross-workflow privilege escalation. Vendors have patched, but the broader governance gap—exacerbated by AI-generated workflows—remains and requires stricter trust boundaries and provenance controls.
read more →

Scattered Spider framed as decentralized cybercrime collective

🕷️ Group-IB redefines Scattered Spider as a decentralized collective made up of independent clusters rather than a single organized group. The firm's June 7 analysis finds that multiple actors share tactics, tools and communities while operating separately, which explains persistent activity despite arrests. Common targets include tech employees, mobile carrier staff and cryptocurrency users, with social engineering and identity-based attacks central to operations. Group-IB advises defenders to focus on the shared techniques across clusters.
read more →

Critical Writer AI flaw let attackers hijack sessions

🔒 Cybersecurity researchers disclosed a critical session isolation vulnerability in Writer, an enterprise generative AI platform, that allowed cross-tenant account takeover via a one-click exploit named WriteOut. An attacker could create an agent, share its live preview link, and when a logged-in user opened the link their session cookie would be forwarded into the attacker’s sandbox and exfiltrated. Writer has patched the issue by isolating session cookies and preventing them from being forwarded into sandbox previews.
read more →

Januscape Linux kernel flaw enables VM escape

🛡️ A 16-year-old Linux kernel vulnerability called Januscape (CVE-2026-53359) allows guest-to-host escapes via a use-after-free in the KVM/x86 shadow MMU emulation. Discovered and detailed by researcher Hyunwoo Kim and patched in June 2026, it affects both Intel and AMD architectures and was used in Google's kvmCTF program. Unpatched multi-tenant hosts, especially with world-writable /dev/kvm, risk host takeover or denial-of-service.
read more →

How AI Is Rewriting Software Supply Chain Risk

🛡️ Software supply chain security has evolved as AI tools and agents become integral to builds. What used to be a question of third‑party packages and transitive dependencies now includes models, agents, prompts, and autonomous tooling as provenance concerns. Teams must extend lineage to models and pipeline actions, and prioritize findings by actual exploitability to avoid alert overload. The discussion surfaces in a webinar on July 22 covering new research and practical program changes.
read more →

Google sues scammers leveraging Gemini AI

🛡️ Google has filed suit against a group called Outsider Enterprise, accused of running phishing-as-a-service via Telegram using Gemini to create convincing fake sites. The operation reportedly offered nearly 300 scam templates impersonating Google, YouTube, and agencies like New York’s E‑ZPass. Google coordinated with carriers and used on‑device protections in Google Messages to block many malicious texts. The company hopes legal action and technical defenses will curb the campaign.
read more →

UK launches Cyber Resilience Pledge for businesses

🛡️ The UK government announced the Cyber Resilience Pledge, with over 60 businesses signing up after its unveiling at CYBERUK in April alongside a £90m support package. Signatories such as Microsoft UK, Marks & Spencer and Vodafone commit to board-level cyber accountability, NCSC training, Early Warning registration and risk-based Cyber Essentials adoption across supply chains. The scheme targets medium and large firms with the aim of driving baseline security improvements across suppliers.
read more →

Gentlemen ransomware tests identity and recovery controls

🔍 The Gentlemen ransomware highlights challenges for CISOs in stopping attackers after an initial foothold. Researchers report the malware self-propagates using legitimate Windows management tools while attempting to disable security and recovery systems. Picus Security notes the encryptor, written in Go and obfuscated with Garble, leverages multiple lateral-movement methods and targets backups, EDR, and virtualization services to hinder recovery.
read more →

Microsoft switches Windows backup to default-on for orgs

🛡️ Microsoft will enable the Windows settings backup and restore tool by default on Microsoft Entra-joined and Entra hybrid-joined enterprise devices when they upgrade to Windows 11 version 26H2. The feature, introduced as opt-in at Ignite 2024 and GA in August 2025, previously required admins to turn it on after installing the September 2025 cumulative update. Default-on applies only to eligible devices outside DMA-regulated regions and not in sovereign cloud environments, and explicit admin policies via Intune or Group Policy still take precedence. Restore remains disabled by default and requires explicit admin configuration.
read more →

Universities targeted via Roundcube zero‑day chain

🛡️ A suspected China-aligned threat cluster exploited patched and unpatched Roundcube webmail flaws to target physics and engineering departments at U.S. and Canadian universities. The campaign, tracked as UNK_MassTraction and first seen in May 2026, used CVE-2024-42009 XSS to steal credentials and a follow-up RCE CVE-2025-49113 to drop web shells or deploy VShell. The payload, dubbed IceCube, siphons credentials, 2FA tokens and cookies, then attempts persistent access via SquareShell or VShell.
read more →

The modern CISO is becoming the next CFO

🛡️ The role of the CISO is evolving from a technical operator into a broad, enterprise-level executive responsible for cyber resilience, regulatory compliance, AI governance and business risk. As cyber risk becomes business risk, organizations are expanding security leadership—adding deputy CISOs and specialized teams—while keeping centralized accountability. The author argues the CISO should report independently (e.g., to the CEO, COO or CRO) and that AI increases the need for clear human accountability.
read more →