Cybersecurity Decrypted #52

Critical Entra ID Flaw Allowed Global Admin Impersonation Across All Tenants

A researcher has disclosed a critical vulnerability in Microsoft Entra ID (formerly Azure Active Directory) that could have allowed threat actors to access almost every Entra ID tenant in the world. While the flaw was fixed prior to disclosure, it has caused great concern for some security practitioners and raised questions around the wider security of the tech giant’s IAM offering.

Atomic Infostealer Targets Mac Users

Security researchers at LastPass have identified a new brand impersonation campaign in which threat actors are attempting to infect macOS devices with Atomic infostealer—a malware-as-a-service operation that gives attackers persistent, stealthy access to any data stored on infected machines.

Ransomware Attack Causes Travel Chaos At Europe Airports

A man has been arrested in connection with the cyberattack causing disruption across several of Europe’s busiest airports. Since last Friday, travelers in Europe have been hit with disruptions, delays, and cancellations, after a ransomware attack targeted a popular check-in software used by many airlines to automate check-in, baggage tagging, and boarding pass authentication.

Auto Giant Stellantis Confirms Data Breach, Shiny Hunters Claims Responsibility

Car manufacturing titan Stellantis has disclosed the exposure of customer data after threat actors gained unauthorized access to one of the company’s third-party partners. While Stellantis hasn’t named the third-party platform or the attacker, the ShinyHunters extortion group has since claimed responsibility for the breach, alleging that it’s the latest in a recent wave of Salesforce attacks for which the group is responsible.

Expert Insights Cybersecurity Excellence Awards – Fall 2025

Honoring the most innovative and high-impact solutions in cybersecurity and IT management, carefully evaluated by our independent research and editorial teams. Congratulations to all the winners driving the industry forward! 

Podcast: Breaking Into Cybersecurity

This week on Women In Cyber, our panel discusses how to build a career in cyber—from improving your chances at getting hired, to real-world strategies for thriving under pressure and finding that elusive work-life balance. This is a must-listen for those looking to kick-start their career and hiring leads looking to improve their DEI initiatives.

Article: How Dark Web Monitoring Works And Why It Matters

Dark web monitoring is the practice of continuously scanning hidden online forums, marketplaces, and other dark web sources for information related to an organization. In this article, we dive into how dark web monitoring functions, how it supports proactive security, and how it can offer early visibility into breaches and reduce the impact of cyberattacks.

Article: Securing The Agentic Workspace: Collaboration And Innovation In A Market Set To Boom 

One concept dominated conversations at Proofpoint Protect 2025: the agentic workspace. Just as the digital workspace has transformed business operations over the past two decades, the agentic workspace represents a fundamentally new way of working, where people and AI agents collaborate side by side. This week, our team has been chatting to experts at the conference about the impact of AI on the workplace and where exactly the market is heading.

Cybersecurity Dive: Preemptive security predicted to constitute about half of IT security spending by 2030

The Record: Alleged Scattered Spider member turns self in to Las Vegas police

Bleeping Computer: Canada dismantles TradeOgre exchange, seizes $40 million in crypto

Bleeping Computer: Verified Steam game steals streamer’s cancer treatment donations

The Hacker News: Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell

NVIDIA: NVIDIA, OpenAI Announce ‘the Biggest AI Infrastructure Deployment in History’

Mycroft: Stealth to Seed: Mycroft’s AI Security & Compliance Platform Backed by $3.5M, led by Luge Capital

• Remote Monitoring & Management (RMM)
• Mobile Device Management (MDM)
• Email Security
• Identity & Access Management (IAM)
• Phishing Simulation
• Multi-Factor Authentication (MFA)
• Cyber Threat Intelligence

Podcasts

• Expert Insights Podcast
• Expert Insights Game Changers
• Expert Insights Explainers
• Women In Cyber

Advertising

• Advertise with us

Expert Insights helps security and IT professionals make smarter, faster cybersecurity decisions.

Join our community, stay ahead with our podcasts, and get essential insights in our weekly newsletter. Trusted by over one million businesses.