Hack the Defenders: Tim Medin on Why Blue Teams Need an Offensive Mindset
Medin covers the evolution of penetration testing and why defenders need to stop relying solely on compliance checklists and start thinking like attackers.
Bill Brenner
Hippocampus Killing You? Here Are Some Great Resources for Cybersecurity Pros
Here are several organizations and initiatives dedicated to mental health for security professionals.
Mental Health Awareness Month: Boundaries Are a Security Control
Feeling the mental strain that is often part of working in cybersecurity? I'll admit that I am. But we're not alone, and we have allies to see us through. This post celebrates Mental Health Hackers. We will spotlight other great efforts in the community throughout the month.
Five Cyber Luminaries Who Enrich CYBR.SEC.Community
Here are just a few of the voices who inject cutting-edge insights into the community we are building.
Have We Already Had a Cognitive Pearl Harbor?
Winn Schwartau warned of a “Digital Pearl Harbor” decades ago and is now raising a more unsettling possibility: the real attack may already be underway, targeting human perception itself.
Security Teams Are Fighting the Wrong DDoS: The One Happening in Their Heads
Security teams have spent years trying to reduce alert fatigue, but the real bottleneck isn’t tooling, but the human brain’s inability to process the volume of information being thrown at it.
Bitwarden CLI Compromised in GitHub Actions Supply Chain Attack: What It Means For You
Attackers compromised the Bitwarden CLI (v2026.4.0) via a GitHub Actions supply-chain attack, injecting malware that steals developer credentials. Affected organization must assume exposure, rotate secrets immediately, and audit CI/CD pipelines for compromise.
Breaches Don’t Kill Companies. Being Unprepared Does.
Adrian Sanabria built "Destroyed By Breach" to cut through cybersecurity myth-making, and what he found is more uncomfortable than the fear-driven narrative the industry often sells.
The Cybersecurity Version of the Helpers Mister Rogers Told Us About, Present and Future
This week's newsletter is about the helpers in cybersecurity, the chaos they're responding to and what we must do to prepare helpers of the future.
Vercel Breach Raises Supply-Chain Risk: What Security Teams Must Do Now
Vercel confirmed unauthorized access to internal systems and is investigating with incident response support, and despite limited details, security teams should assume credential exposure and act immediately.
#FollowFriday: Authors Who Entered the AI Storm And Chose Reason Over FUD
The hype over Anthropic Mythos and AI in general has been super-heated. The cybersecurity voices who calmly unpack the details are the ones to follow. Here are some examples.
CYBR.SEC.MEDIA Newsletter Goes Weekly, Mythos Creates Chaos and Cybersecurity Does Wrong By The Kids
There's a lot going on in cybersecurity. Too much to cram into a bi-weekly newsletter. So we're raising the frequency.
The Kids Would Be Alright -- If Cybersecurity Would Stop Failing Them
Fergus Hay argues that cybersecurity isn’t facing a talent shortage: it’s failing to recognize that the next generation of hackers is already here, hiding in plain sight inside gaming culture.
Gaming Isn’t a Distraction. It’s Cybersecurity Training in Disguise
From Minecraft servers to cryptographic puzzles, Fergus Hay explains why gaming is one of the most powerful—and misunderstood—training grounds for the next generation of cybersecurity talent.
CYBR.HAK.CAST Episode 12: Fergus Hay of The Hacking Games
Phil Wylie and Michael Farnum talk with Fergus Hay about how the cybersecurity industry is missing a huge opportunity by overlooking gamers and young, neurodiverse problem-solvers who already have the mindset to become the next generation of ethical hackers.
Mythos and the Making of a Cybersecurity Mental Health Crisis
The AI-driven “vulnerability storm” isn’t just a technical problem—it’s a human breaking point, and the Mythos report’s authors are right to elevate burnout from a side issue to a frontline risk.