Security Operations Bulletin · Issue May 24, 2026 The SecOps Brief Running a SOC: tooling, automation, detection engineering, analyst workflows This week at a glance The week split between vendor-told AI-SOC outcomes and the messy operational reality underneath. Microsoft shipped two customer case studies — St. Luke’s saving 200 analyst hours…
Malware Analysis Brief — May 24, 2026
Malware Analysis Bulletin · Issue May 24, 2026 The Malware Analysis Brief APT campaigns, malware families, active exploits, deep detection and response This week at a glance The deepest week of the quarter. A multi-front supply-chain wave hit nearly every package ecosystem at once: the Megalodon campaign pushed 5,718 malicious…
The DevSecOps Signal — May 24, 2026
DevSecOps Bulletin · Inaugural Issue · May 24, 2026 The DevSecOps Signal Secure software supply chains, build-pipeline integrity, and the developer-security-ops collaboration This week at a glance Welcome to the inaugural issue of The DevSecOps Signal. This bulletin focuses on the seams where development, security, and operations collide — secure…
AI-ML Security Brief — May 24, 2026
AI-ML Bulletin · Issue May 24, 2026 The AI-ML Brief AI in security · AI for security · agentic AI in operations This week at a glance The week the agent-platform wars went enterprise. At Code with Claude London, Anthropic shipped self-hosted sandboxes and MCP tunnels for Claude Managed Agents…
Malware Analysis Brief — May 17, 2026
Malware Analysis Bulletin · Issue May 17, 2026 The Malware Analysis Brief APT campaigns, malware families, active exploits, deep detection and response This week at a glance An exceptionally heavy week. Microsoft published a deep teardown of Turla’s evolved Kazuar backdoor — now a modular P2P botnet attributed to Russia’s…
The CISO Brief — May 17, 2026
CISO Bulletin · Issue May 17, 2026 The CISO Brief Regulation, board-level strategy, and the evolving CISO role This week at a glance A regulator-and-board-heavy week. The EU finalized political agreement on the AI Act “omnibus,” pushing high-risk-system deadlines toward December 2027. CISA published guidance telling critical-infrastructure operators to prepare…