Monday 6/8
Gotham Technology Group is proud to announce that we’ve been named Arctic Wolf's 2026 Northeast Partner of the Year. This is a tremendous honor and a testament to the trust our clients place in us every day.
Thank you again to Arctic Wolf for your continued support and partnership. We look forward to building on this success together.
Click the link below to read our full press release:
https://www.gothamtg.com/gotham-news
Shadow AI is already on your endpoints. Here’s what to do about it (Delinea)
AI on the endpoint isn't a future problem, it's a Tuesday afternoon problem, and it's already here. The organizations that get ahead of it won't be the ones that say "no." They'll be the ones who see clearly, govern thoughtfully, and treat every new AI tool and every new AI agent as just another identity that needs to be discovered, scoped, and watched.
https://delinea.com/blog/what-to-do-about-shadow-ai-on-your-endpoints
The Patch Gap Is Structural. Here Is What That Means for Your SOC. (Halcyon)
Project Glasswing and the Claude Mythos Preview model represent a legitimate, non-incremental shift in how vulnerabilities are discovered, and by extension, how quickly they can be exploited. Per Anthropic's disclosure, pre-release testing surfaced thousands of previously unknown vulnerabilities across major operating systems and browsers.
https://www.halcyon.ai/blog/patch-gap-structural-reality-soc-glasswing
Tuesday 6/9
CIS Safeguard 10.7: Use Behavior-Based Anti-Malware Software
https://www.gothamtg.com/blog/cis-safeguard-107-use-behavior-based-anti-malware-software
AI brands as bait: How threat actors are using the AI hype in social engineering (Microsoft)
In recent months, Microsoft Threat Intelligence has observed a growing number of campaigns that impersonate the branding of popular AI platforms such as ChatGPT, Microsoft Copilot, DeepSeek, and Anthropic’s Claude as lures. These campaigns, which don’t represent compromise of services, span phishing, malvertising, and search engine optimization (SEO)-driven attacks that ultimately lead to credential theft, financial fraud, or malware infection.
https://www.microsoft.com/en-us/security/blog/2026/06/08/ai-brands-as-bait-how-threat-actors-are-using-the-ai-hype-in-social-engineering/
Wednesday 6/10
Island Secure Web Gateway: SWG for the AI Era (Island)
Agents are about to outnumber humans 100 to 1 in the enterprise. They move 100x faster than the network was designed to handle. And if you cannot see inside an AI session, you are not governing AI. You are guessing.
https://www.island.io/blog/island-secure-web-gateway
Shadow AI Isn't a Governance Problem Alone (Abnormal AI)
The standard response to shadow AI is discovery: find the tools, classify them, decide which ones belong. But discovery is a snapshot. It tells you what's installed, not what those identities are doing.
https://abnormal.ai/blog/shadow-ai-isnt-a-governance-problem-alone
Thursday 6/11
Centralized computing in a hybrid world (Citrix)
Enterprises are operating in a world of hybrid infrastructure, distributed users, and increasingly low-cost, nearly disposable endpoints. The question is not where computing happens. It’s how work is secured, governed, and delivered across any environment. This is where centralized infrastructure evolves from an architectural design into something more powerful: a platform to secure the work.
https://www.citrix.com/blogs/2026/06/09/centralized-computing-in-a-hybrid-world/
Friday 6/12
What is a conditional access system? A guide for cloud desktop administrators (Nerdio)
Conditional Access is the right framework. What determines whether it holds in production is the accuracy of the Intune compliance infrastructure behind it, catching silent failures, and scaling policy management as your environment grows.
https://getnerdio.com/blog/what-is-a-conditional-access-system/
Closing the Gap Between Vulnerability Detection and Real Risk Reduction (Arctic Wolf)
Most environments generate thousands of new findings every month. While vulnerability scanners, cloud tools, and endpoint platforms all contribute, that data does not come together in a way that is actionable. Teams end up with long lists of vulnerabilities, limited context, and no clear way to determine what should be fixed first.
https://arcticwolf.com/resources/blog/closing-the-gap-between-vulnerability-detection-and-real-risk-reduction/
Where Identity Breaks Down Across the Employee Lifecycle (Entrust)
Most organizations have spent years modernizing their identity infrastructure, from IAM and MFA to conditional access and privileged access controls. Yet even with these investments in place, many security leaders still find themselves coming back to a simple but uncomfortable question: Can we really be confident that the person behind this access is the right employee?
https://www.entrust.com/blog/2026/06/where-workforce-identity-breaks-down-across-the-workforce-identity-lifecycle