July 3, 2026 | ITBriefcase.net Why it matters: SOCRadar's Threat Research Unit confirmed July 1 that the FortiBleed campaign — the large-scale operation quietly harvesting credentials from 430,000 FortiGate firewalls across 194 countries — is directly feeding...
The latest in Security
For years, you have focused on improving detection. Better telemetry, better analytics, and better visibility have all helped cut the time it takes to identify threats. Remediation has failed to keep up. Although detection has moved toward automation, most remediation...
June 26, 2026 | ITBriefcase.net Why it matters: Europol, Microsoft, and law enforcement partners from six countries dismantled the infrastructure behind three malware families — SocGholish, Amadey, and StealC — that together form the opening stages of the modern...
By Kirsten Doyle Security teams love coverage maps. MITRE ATT&CK heatmaps, detection matrices, percentages of techniques covered, and dashboards full of green squares implying completeness. The problem is that detection engineering does not fail because...
June 12, 2026 | ITBriefcase.net Why it matters: Microsoft's June 2026 Patch Tuesday, released June 9, addressed approximately 200 security vulnerabilities — the largest single Patch Tuesday release in the program's history — including one actively exploited Exchange...
June 5, 2026 | ITBriefcase.net Why it matters: ShinyHunters leaked over 13 million Charter Communications (Spectrum) customer records publicly this week after the company refused ransom demands, exposing names, email addresses, home and company addresses, nearly 10...
Episode: Inside the Briefcase Guest: Jeremy Banon, CEO of CyberHealth Website: cyberhealth.co Episode Description What happens when a venture capitalist gets surgically targeted by cybercriminals? He builds a company to make sure it never happens to anyone else. In...
May 22, 2026 | ITBriefcase.net Why it matters: NGINX Rift CVE-2026-42945 (CVSS 9.2) disclosed May 13 revealing 18-year-old heap buffer overflow in ngx_http_rewrite_module affecting NGINX versions 0.6.27 through 1.30.0 enabling unauthenticated remote code execution,...
April 24, 2026 | ITBriefcase.net Why it matters: LMDeploy AI toolkit CVE-2026-33626 (CVSS 7.5) exploited within 12 hours 31 minutes of GitHub advisory publication April 21, demonstrating AI infrastructure vulnerabilities weaponized faster than traditional patch...
New controls, governed agents, and an open SDK give teams the tools to enable AI at scale — without losing visibility or control April 23, 2026 — Zapier today announced a major expansion of its enterprise governance capabilities, giving IT and security teams a...


