The Cyber Radar

In seven days, three US data breaches confirmed what many CISOs already know but hesitate to formalize: your real exposure doesn't run through your perimeter, it runs through your healthcare and legal vendors. Radiology Associates of Richmond, The Oncology Institute (via TriZetto) and DocketWise notified close to 4 million individuals in just a few days.

In 72 hours, CISA added three major zero-days to its KEV catalog — all in endpoint security tools. RedSun and UnDefend in Microsoft Defender, directory traversal in Trend Micro Apex One: three actively exploited flaws that turn your defense tools into the attacker's leverage. US federal deadlines: June 3 and 4.

On May 7, 2026, the Canvas platform (Instructure) — used by roughly half of North America's higher-education institutions — was paralyzed by an attack claimed by the ShinyHunters group. Attackers say they exfiltrated 275 million records tied to students, faculty, and staff. The login page was replaced with a ransom message, with a May 12 deadline. The hit didn't land on a niche vendor. It landed on a provider that thousands of institutions no longer even thought of as a "thir

Over the past two weeks, we broke down Anthropic's Mythos and its implications for boards of directors. The conclusion was clear: attackers now have AI capable of discovering and exploiting vulnerabilities at scale. The natural follow-up question: how do you defend? Short answer: with AI, you too. But not just any way. The myth to dismiss first "Defensive AI will replace my SOC analysts." False. Defensive AI doesn't replace humans, it augments, accelerates, and amplifies them

You may have seen the term "Mythos" in the press recently, or heard your CISO mention it in a meeting. Here's what it really means for your business — without technical jargon. Mythos in 30 seconds Mythos is an artificial intelligence developed by Anthropic that demonstrated, in April 2026, an unprecedented capability: finding and exploiting complex software flaws in a matter of hours — where it previously took specialized researchers weeks. Think of it as an era change: att

On April 13, 2026, the Cloud Security Alliance published an emergency executive briefing co-signed by the biggest names in global cybersecurity (Jen Easterly, Bruce Schneier, Heather Adkins of Google, Rob Joyce former NSA, Phil Venables…). The title: "The AI Vulnerability Storm: Building a Mythos-ready Security Program". The message holds in one sentence: your cyber program must prepare for a structural change — not a passing trend, a structural change. What is Mythos and why

On April 20, 2026, the Everest ransomware group published two major US banks on its leak site. Both confirmed: the breach didn't come from their internal network but from a common third-party vendor. A chain of a few minutes, a single compromised vendor, two financial institutions exposed. TPRM — Third Party Risk Management — is no longer a compliance topic. It has become a business continuity topic. And yet, most TPRM programs in 2026 still rely on a static annual questionna

The cyber insurance market has hardened dramatically. Premiums tripled between 2021 and 2024, terms tightened, and exclusions multiplied. In 2026, obtaining or renewing a cyber policy is no longer an administrative formality — it's an audit of your security posture. Here's what your insurers now check, and how to pass the audit on the first try. Why insurers have become so demanding Three shocks reshaped the market: • The 2020-2024 ransomware explosion: claims exceeded premi

In March 2026, the Chaos ransomware group claimed 36 new victims on its leak site. A raw statistic. But reading the targets reveals a heavy trend that should alert every industrial CISO: construction, manufacturing and business services concentrate the bulk of attacks. If you operate in one of these sectors, your name is statistically already on the list of next targets. Why manufacturing OT has become the favorite playground Four structural factors explain this targeting: •

In 2026, the majority of sophisticated attacks no longer drop any malware on your systems. Attackers use your admin consoles, your OAuth flows, your official installers. This is “Living off the Land” (LotL) — and it bypasses classic detections. 4 Q1 2026 incidents that point to the same trend 1. Stryker (March). The Iranian Handala group steals a single credential, accesses Microsoft Intune (the legitimate device management tool), and wipes 80,000 machines across 79 countries

On March 17, 2026, CVE-2026-33017 (a critical Langflow flaw) was published. Twenty hours later, Sysdig observed the first in-the-wild exploitations — without any public proof-of-concept (PoC). Attackers reconstructed the exploit directly from the advisory description. This story is no longer an exception. It's the new normal. The clock that collapsed According to zerodayclock.com (https://zerodayclock.com/), which tracks in real time the average delay between the publication

SBOM (Software Bill of Materials) has become in 2026 one of the critical artifacts of cybersecurity. Imposed by U.S. authorities (Executive Order 14028) and increasingly required in Europe via the Cyber Resilience Act, it lists all software components that make up an application — including third-party and open source libraries. Why SBOM has become critical Three elements have made SBOM unavoidable: supply chain attacks (SolarWinds, Log4j, XZ Utils) which demonstrated that a

La cybersécurité évolue rapidement : préparez-vous pour 2026 En 2026, le risque cybernétique deviendra plus complexe, plus rapide et plus sophistiqué. Les organisations doivent anticiper ces menaces pour protéger leurs opérations, leurs données sensibles et leur réputation. Ce guide vous offre une vue claire des défis à venir, de leur impact potentiel et des actions concrètes à entreprendre dès maintenant. Tendances de la cybersécurité pour 2026 : comprendre les risques à ven

In a world where cyber threats evolve fast, digital risk management has become a strategic priority. You need to know where your vulnerabilities are, how they impact your organization, and which actions to prioritize to reduce exposure effectively. Cyber risk mapping is a key tool to achieve these outcomes. Why digital risk management is essential The complexity of IT environments and the growing sophistication of attacks make digital risk management unavoidable. Without a cl

1️⃣ Commencez par l'Impact Commercial Une stratégie cyber efficace commence par une question simple : Qu'est-ce qui, en cas de compromission, mettrait réellement l'entreprise en danger ? Cela inclut : perte financière majeure perturbation opérationnelle exposition réglementaire dommages à la marque Sans cette priorisation stratégique, la cybersécurité devient réactive et désalignée. Focus : gestion des risques cyber alignée sur les affaires 2️⃣ Renseignement sur les

In 2026, most major incidents don’t start with a dramatic alert. They start with something ordinary: a login , an overly broad third-party access, a highly convincing “urgent” request… and then a chain of business decisions under pressure. That’s the modern reality: cyber is no longer an “IT topic.” It’s business continuity , fraud , data , compliance , and reputation . And when it hits, what makes the difference isn’t the number of tools you own—it’s whether you can answer t

2025 in one sentence: cybercrime became an industry, built around access and identity In 2025, we were no longer dealing with a handful of isolated gangs. We were looking at a structured cybercrime economy , with a supply chain (malware-as-a-service, infostealers, initial access brokers, hosting, money laundering…) that increasingly build a SaaS ecosystem on the attacker side. Two defining signals stood out in 2025: Industrialization : more actors, more tooling, more intermed