How Bizarre, How Bazaar...: Researchers reveal the workings and monetization of a campaign that focuses mainly on self-hosted LLM infrastructure, going after LLMs and MCPs. securityweek.com/llms-hijacked-…

...tear down this Wall!: Finserv firm evaluating ways to open up a path to "seek compensation" from firewall vendor related to a late 2025 breach, where the vendor had seemingly kept the true extent of the breach...walled off. techcrunch.com/2026/01/29/fin…

The video. 👨‍🍳💋

Vuln prioritization continues to be a massive hurdle. Dark Reading explores how our new KEVology report and KEV Collider tool help solve "triage fatigue" by turning CISA KEV list into an actionable, manageable roadmap. Thanks for the deep dive, DR team! darkreading.com/threat-intelli…

In this new SecurityWeek article, Kevin Townsend looks at why blind reliance on the KEV catalog leads to alert exhaustion, and how runZero's KEVology report and KEV Collider tool help you supercharge your triage with real-world context. 🔗 securityweek.com/new-paper-and-…

Checking things off your to do list before you sign-off for the weekend? Don't forget to nominate your favorite public sector journalists The Echo Awards! Learn more and submit today: theechoawards.com

Silly Goose: Shinyhunters squawking about 600K cust records from premium outerwear brand. Vendor claims no evidence of compromise, and that the gaggle of data likely was migrated from an external source. bleepingcomputer.com/news/security/…

Some...shall pass: Researchers find that the chances of compromising a password manager isn't high, but it's not "zero". arstechnica.com/security/2026/…

Cut the Check!: vuln management platform snags new funding securityweek.com/vulncheck-rais…

Car-Gru: Here's the plan. I target the car company. I breach the car company. I grab the car company data. I sit on the data until Feb 20th. theregister.com/2026/02/18/shi…

Essential Friday reading.

Sub-Optimal: vishing attack cracks ad tech firm, but company claims access was not elevated and further malicious activity was limited. bleepingcomputer.com/news/security/…

Making mountains out of mole tunnels: Breaches by Everest ransomware group at multiple medical diagnostic orgs, likely the result of burrowing in through common coding and billing provider. securityweek.com/us-healthcare-…

Marquis de Shade: the claim of SonicWall's culpability in breach related ransomware attacks gets spicier with a formal lawsuit techcrunch.com/2026/02/24/mar…

No Wynn situation: Resort org confirms breach of staff data, "confirms" bad guys have deleted, tacitly confirms that it paid the ransom. Skepticism ensues.  theregister.com/2026/02/25/wyn…

Public relations is a critical business function that’s often underestimated or minimized. Our new blog dispels some of the misconceptions around PR and explains the strategic value it delivers. Read more: w2comm.com/pr-a-critical-…

Attackers Are at the Edge — and They're Bringing Their AI cybrsecmedia.com/attackers-are-…

"If it is sold to you as, oh, push this button and find all your KEV exposures, they're lying to you."

Catch my #ShimmySays at 230pm today. I talk about what is happening at CISA just when we need them most.

🚨 New weekly wrap-up podcast is out! 🚨 🪲 Google Cloud new report on the zero day landscape 💻 Microsoft Security and Europol disrupt the Tycoon 2FA cybercrime op 🪲 the KEVology report from runZero, Inc. open.spotify.com/episode/1Y8eba…