https://www.exposuresecurity.com/briefings/ Timely analysis of emerging threats, breaches, and security developments. Written for executives who need to understand business impact. en-us Mon, 06 Apr 2026 00:00:00 -0700 https://www.exposuresecurity.com/briefings/executive-briefing-eu-cra-vulnerability-reporting-v1-0.html https://www.exposuresecurity.com/briefings/executive-briefing-eu-cra-vulnerability-reporting-v1-0.html Mon, 06 Apr 2026 00:00:00 -0700 Leadership Guide EU Vulnerability Reporting Deadline Hits September 2026, Not December 2027. If you sell software to EU customers, you have less than six months to operationalize 24-hour vulnerability reporting to ENISA. https://www.exposuresecurity.com/briefings/executive-briefing-teampcp-supply-chain-attack-v3-0-web-version.html https://www.exposuresecurity.com/briefings/executive-briefing-teampcp-supply-chain-attack-v3-0-web-version.html Fri, 03 Apr 2026 00:00:00 -0700 Threat Advisory In March 2026, attackers compromised four widely-used developer tools — Trivy, Checkmarx KICS, LiteLLM, and Telnyx — silently stealing credentials from an estimated 500,000+ machines. If your CI/CD pipelines ran any of these tools during the affected windows, your cloud credentials may already be at risk. https://www.exposuresecurity.com/briefings/iran-cyber-threat-advisory.html https://www.exposuresecurity.com/briefings/iran-cyber-threat-advisory.html Wed, 04 Mar 2026 00:00:00 -0700 Threat Advisory Comprehensive analysis of Iran-affiliated cyber threats following Operation Epic Fury. Covers state-sponsored APT group mobilization, hacktivist surge with 60+ active groups, reduced federal cyber support, and 8 prioritized recommendations including SOC coordination, vulnerability patching, ICS/SCADA hardening, and identity controls. https://www.exposuresecurity.com/briefings/claude-desktop-extensions-risk.html https://www.exposuresecurity.com/briefings/claude-desktop-extensions-risk.html Mon, 09 Feb 2026 00:00:00 -0800 AI Security Attackers can take over a computer by sending a calendar invite to someone using Claude Desktop Extensions. This briefing covers which Claude products face exposure, IT team scanning recommendations, Anthropic's response, and how to evaluate similar risks in other AI tools. https://www.exposuresecurity.com/briefings/chatgpt-data-leakage.html https://www.exposuresecurity.com/briefings/chatgpt-data-leakage.html Fri, 01 Aug 2025 00:00:00 -0700 AI Security Publicly shared ChatGPT conversation links have been indexed by search engines, making sensitive business data discoverable via web searches. Covers detection methods, affected entities, and recommended AI usage policy updates. https://www.exposuresecurity.com/briefings/cloud-security-architect.html https://www.exposuresecurity.com/briefings/cloud-security-architect.html Tue, 09 Jul 2024 00:00:00 -0700 Leadership Guide Key attributes and skills to evaluate when hiring a Cloud Security Architect. Covers business alignment, security architecture design, IAM, data protection, compliance, incident response, collaboration, and DevSecOps integration. https://www.exposuresecurity.com/briefings/scattered-spider-breaches.html https://www.exposuresecurity.com/briefings/scattered-spider-breaches.html Wed, 01 Nov 2023 00:00:00 -0800 Breach Analysis Analysis of the Scattered Spider (UNC3944) threat group's attacks on MGM Resorts ($100M impact), Caesars Entertainment ($15M ransom), and Clorox. Covers social engineering tactics, helpdesk manipulation, ransomware deployment, and prioritized defense recommendations. https://www.exposuresecurity.com/briefings/okta-breach-2023.html https://www.exposuresecurity.com/briefings/okta-breach-2023.html Tue, 31 Oct 2023 00:00:00 -0700 Breach Analysis Analysis of the Okta customer support system breach, including the November 2023 scope expansion from 134 customers to all support system users. Covers HAR file exposure, session hijacking, identity provider manipulation, and detailed response actions for Okta administrators.