Threat analysis, guidance and product news
Practical reads on cyber risk, compliance and threat intelligence from the FortaRisks team.
RSS feed- Threat Intelligence
This week in cyber: SD-WAN under attack, and ransomware comes for energy and manufacturing
A CVSS 10 SD-WAN flaw with rogue peers in the wild, a fresh Cisco zero-day, and ransomware crews hitting a Canadian energy services firm and a UK machinery maker. The week's signal for critical-infrastructure teams, minus the noise.
June 8, 2026 · 3 min read - Third-Party Risk
Radiology, Oncology, DocketWise: Three Breaches in One Week That Reshape Your Healthcare and Legal Third-Party Risk
Three US healthcare and legal breaches in one week prove your real exposure runs through your vendors' vendors. A 30-day third-party risk loop.
May 29, 2026 · 4 min read - Threat Intelligence
Defender and Apex One Under Fire: When the Antivirus Becomes the Attacker's Weapon
CISA added three endpoint-security zero-days to KEV in 72 hours. Why defense tools are now prime targets, plus a 6-step EDR remediation loop.
May 26, 2026 · 3 min read - Third-Party Risk
Canvas, 275 Million Records: What This Breach Forces You to Rethink in Third-Party Risk
The ShinyHunters attack on Canvas exposes a SaaS concentration problem, not just a vendor one. Three board questions and a 6-step third-party loop.
May 19, 2026 · 3 min read - AI
AI vs AI: Why Your Cyber Defense Must Also Be AI-Augmented
Attackers now wield AI like Mythos, so defense must be AI-augmented too. Five defensive use cases that work in 2026, and what AI should never do.
May 15, 2026 · 3 min read - AI
Mythos Explained to the Board: 5 Strategic Questions Before Your Next Committee
Anthropic's Mythos finds and exploits software flaws in hours. Why that makes AI risk a board topic, and 5 questions to ask your CISO this week.
May 8, 2026 · 2 min read - AI
Mythos and the AI Storm: Why Your Cyber Program Must Change Now
The Cloud Security Alliance's emergency briefing on a Mythos-ready program: the attacker/defender asymmetry and 5 actions to launch this week.
May 1, 2026 · 3 min read - Third-Party Risk
Two US Banks, One Vendor: 11 Third-Party Vulnerabilities Invisible to Questionnaires
Everest ransomware hit two US banks through one shared vendor. The 11 third-party vulnerabilities annual questionnaires never see, and how to fix them.
April 24, 2026 · 3 min read - Compliance
Cyber Insurance 2026: 7 Criteria Insurers Check Before Covering You
Cyber insurance is now a security-posture audit. The 7 criteria insurers check, what raises or lowers your premium, and how to pass first time.
April 17, 2026 · 2 min read
See your real risk in a 30-minute demo.
A member of our team walks you through FortaRisks on threats relevant to your sector. No chatbot.