#Mandiant
8 stories taggedMandiant.

Google Spent $32 Billion on Wiz. Now It Wants AI to Fight Hackers So Fast Humans Can't Keep Up
Criminals can hand off access to a breached company in 22 seconds. Google says only AI can respond that quickly, and it has built a new automated defence platform to prove it.

Iranian Group Handala Claimed It Could Poison California's Water. Forensics Say Otherwise.
California Water Service brought in Mandiant after Handala threatened disruption. Investigators found no evidence the group ever touched operational technology.

Cisco Catalyst SD-WAN Bug Hit as Zero-Day Months Before Disclosure
Mandiant says an unidentified actor exploited CVE-2026-20245 for at least two months before Cisco's public advisory, gaining root on affected appliances.

ShinyHunters Hit Universities Through PeopleSoft Zero-Day Before Oracle Patch
Mandiant ties a two-week extortion spree against Oracle PeopleSoft deployments to UNC6240, the cluster better known as ShinyHunters.

Cisco SD-WAN Manager Has an Unpatched Privilege-Escalation Flaw Under Active Exploitation
A command-injection bug in Catalyst SD-WAN Manager is already being used in the wild. No patch exists yet — and a known espionage group may be involved.

UNC3753 Hit U.S. Professional Services Firms With Vishing and Walk-In Intrusions
Dozens of legal, financial, and consulting firms were hit between January and May 2026 in a data-theft extortion run that blended phone-based social engineering with physical site visits.

Silent Ransom Group Escalates Vishing Campaign Against U.S. Law Firms
Mandiant tracks rapid data theft following fake IT-support calls, raising fresh questions about Form 8-K Item 1.05 disclosure timing for affected firms.

The Login Page That Demanded a Ransom
ShinyHunters defaced Canvas mid-finals week, taking the learning platform offline and exposing what one researcher calls an eight-month attack arc against Instructure.