Monday 6/16
Ghost-Sender: Why Email Spoofing Still Works When Authentication Fails (Abnormal AI)
Fraudulent messages could be delivered even when the spoofed domain had properly configured email authentication policies. The issue is the disconnect between authentication results and delivery behavior: the failure is visible in the mail flow, but the environment may still allow the message to reach the user.
https://abnormal.ai/blog/ghost-sender-exchange-online-spoofing
AI Agents Are Becoming Enterprise Workers. Who Secures Them? (Check Point)
AI agent security becomes a different problem from AI usage monitoring. The question is not only whether employees are using AI. It is where agents are running, who can access them, what they can touch, which tools they can invoke, and whether each action is safe before it happens.
https://blog.checkpoint.com/ai-security/ai-agents-are-becoming-enterprise-workers/
Tuesday 6/16
CIS Safeguard 11.5: Test Data Recovery
https://www.gothamtg.com/blog/cis-safeguard-115-test-data-recovery
Microsoft Defender email security benchmarking: Key insights from one year of data (Microsoft)
Focusing only on malicious messages that reached the inbox, the latest quarter shows Microsoft Defender’s post-delivery catch continues to improve, catching the majority of post-delivery remediation. It removes an average of 96.03%, up from 70.8% in the previous quarter, highlighting the effectiveness of our continuous investments in this area.
https://www.microsoft.com/en-us/security/blog/2026/06/15/microsoft-defender-email-security-benchmarking-key-insights-from-one-year-of-data/
The Role of CASB in Modern SASE: Island SaaS API Protection (Island)
CASB is non-negotiable for anyone that takes SaaS security seriously. But it isn’t enough on its own, and operating a CASB solution in a silo comes with extensive costs in management and effectiveness.
https://www.island.io/blog/the-role-of-casb-in-modern-sase
Wednesday 6/17
Six practical steps for rethinking resilience architecture in financial services and insurance for the modern era (Citrix)
Most institutions already have resilience plans—but those plans were built for a different era. They assume predictable failure modes, linear recovery processes, and infrastructure-centric continuity. Today’s environment requires a rethinking of those plans, not just incremental updates.
https://www.citrix.com/blogs/2026/06/16/six-practical-steps-for-rethinking-resilience-architecture-in-financial-services-and-insurance-for-the-modern-era/
The New Paradigm of Cloud Resilience: Introducing Autonomous Business Recovery for Cloud Applications (Rubrik)
The cloud is no longer just a scalable repository for storing data; it has become the engine room of the modern enterprise, hosting the mission-critical applications upon which your business depends. But accelerated adoption has painted a massive target on these environments. Recent industry data shows that 94% of cloud tenants are targeted by cyberattacks, with 62% successfully compromised.
https://www.rubrik.com/blog/technology/26/6/the-new-paradigm-of-cloud-resilience-introducing-autonomous-business-recovery-for-cloud-applications
Thursday 6/18
Cloudflare DMARC Management is now generally available (Cloudflare)
Domains that do not have proper DMARC, SPF, and DKIM records configured (or worse, have them configured incorrectly) are increasingly seeing their legitimate emails land in spam folders or get rejected outright. What was once a best practice is now a requirement. Poor email hygiene directly translates to poor deliverability, and for many businesses, that means lost revenue and missed communications.
https://blog.cloudflare.com/dmarc-management-ga/
Congratulations, You're Human. Now Here's Your Malware. (Halcyon)
ClickFix opens with a fake CAPTCHA or browser error page, the digital equivalent of a check engine light, insisting something is wrong and that the fix is just one quick step away. The user is prompted to open the Windows Run dialog and paste in what looks like a repair command. One press of Enter later, the user has handed control to the attacker.
https://www.halcyon.ai/blog/clickfix-social-engineering-attack-halcyon
Friday 6/19
You May Be Able To See Your AI Agents. Can You Stop Them? (HYPR)
We're deploying agents internally across our own workflows, and we've built our approach to governing them on the same framework we're bringing to market. What we've learned firsthand is that the control problem isn't theoretical — it surfaces quickly, in practical ways, the moment agents start touching real systems.
https://www.hypr.com/blog/you-may-be-able-to-see-your-ai-agents.-can-you-stop-them
What is a conditional access system? A guide for cloud desktop administrators (Nerdio)
Conditional Access is the right framework. What determines whether it holds in production is the accuracy of the Intune compliance infrastructure behind it, catching silent failures, and scaling policy management as your environment grows.
https://getnerdio.com/blog/what-is-a-conditional-access-system/