Galactic Research: Articles & Insights
Threat Thursday: June 18th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. Every Thursday we break down the cybersecurity stories that matter most for protecting your organization, with each item split into what happened, what it could mean for you, and what to ...
AI Security
OpenClaw's Marketplace Got Stuffed With Malware. Here's Why That Was Always Going to Happen.
What a Malware-Filled AI Agent Marketplace Tells Us About How the Industry Keeps Making the Same Mistake I've spent the better part of my career watching organizations adopt new technology faster than they can secure it, and documenting what happens ...
The Deepfake Was Convincing. So Was My Backpack.
Why Social Engineering Still Works, Why AI is Making it Sharper, and the One Habit that Stops it In early 2024, an employee at Arup, a global engineering firm, joined a video call with several colleagues, including someone who appeared ...
The Invisible Workforce
The Shadow AI Running Inside Your Clients' Environments and How MSPs Can Get Ahead of It It's Monday morning. A client's controller is on the phone. She spent Friday afternoon cleaning up the vendor list inside their accounting platform's new ...
Threat Intelligence
Threat Thursday: June 18th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. Every Thursday we break down the cybersecurity stories that matter most for protecting your organization, with each item split into what happened, what it could mean for you, and what to ...
Threat Thursday: June 11th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. This week's stories share one theme: the gap between a vulnerability becoming public and a working exploit existing is collapsing toward hours, and the coordinated disclosure process meant to give defenders ...
Threat Thursday: June 4th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. This week's stories have a clear pattern: attackers didn't find obscure entry points or novel techniques but instead went after the things you were already using and already trusting. As always, ...
Strategy & Leadership
Building Trust in Executive Relationships: Lessons from King Lear
A Framework for Establishing the Kind of Trust that Survives Budget Season Imagine the curtain going up and a group of players act out the opening scenes of Shakespeare's King Lear, just for you. An aging king sits in his ...
Your Jokes Were Funny. They Still Didn't Renew.
How MSPs Build the Kind of Client Rapport That Survives a Budget Review You walked out of the meeting feeling good. The handshake was firm, the small talk landed, and you even got a laugh with the printer joke. You ...
Value That Converts: Why Your vCSO Pitch Keeps Getting Pushed to IT
You walked out of that meeting feeling like a closer. Your credentials were on point. You covered the whole stack: EDR, SIEM, MDR, quarterly risk assessments, tabletop exercises, NIST alignment. Your vCSO offering was solid. You even had a phased ...
Security Education
Vulnerabilities Are Now the #1 Way In. The Window to Fix Them Is Closing.
Most of the time, I didn't break into a network so much as let myself in through something with a fix already out (just not installed yet): the VPN concentrator three versions behind, the firewall with a known vulnerability fixed ...
Your OSINT Reality Check: Here’s What an Attacker Is Finding in 30 Minutes or Less
Today’s connected, AI-driven digital ecosystem has made it easier than ever to build a professional brand, network with peers, and share ideas with a wider audience. It’s opened doors for businesses that simply didn't exist before: new customers, new partnerships, ...
Part 2: Threat Actors Don't Pick You. You Just Happen to Be There.
In Part 1, we established that Handala didn't pick Stryker off a strategic target list and then figure out how to break in. They found access, recognized the value, and used it. That's still a deliberate, damaging attack—it just means ...
All Articles
Cyber Hygiene: A Way To Protect Your Network
IT teams are taking a variety steps to make sure they are secure — investing in technology, training users to recognize phishing attacks and other social engineering incidents, and monitoring activity on ...
Gmail Blocks Millions Of COVID-19 Phishing Emails Daily
Google's popular Gmail service has been busy. In a typical day, the company's email system blocks more than a hundred million phishing emails. During the last week alone, the company reports that ...
Hackers Stopped With Help of Microsoft Digital Crimes Unit
Microsoft's Digital Crimes Unit (DCU) recently played an instrumental role in taking down a botnet made up of more than 400,000 devices. A botnet is a tool that hackers use to invade ...
Apple Announced A New Low-Priced iPhone
Rumors have been swirling for months about Apple and the possibility that they'll release a successor to their iPhone SE. Recently, the company put a pin in all the speculation and unveiled ...
Beware Of Phishing Emails Appearing As From The Federal Government
The Digital Security firm Inky reports that they've discovered a new, disturbing phishing campaign you should be aware of. The company has spotted a disturbing number of scam emails purporting to be ...
New Windows 10 Disk Cleanup Feature Coming Soon
If you're a veteran Windows user, you've almost certainly made frequent use of the "Disk Cleanup" feature, which has been a standard part of the OS for what feels like forever. Recently ...
Hackers Targeting WooCommerce Users To Steal Credit Card Information
WooCommerce is a WordPress-based, free plugin that makes it incredibly easy to sell just about anything online. With more than five million installations, it's clearly a favorite on the web. Unfortunately, its ...
Why Cybersecurity Should Be Part Of Your Culture
Why simply being told what to do might not be enough to maintain a strong cybersecurity posture. I’ve been seeing a LOT of cybersecurity experts ...
Spread Of COVID-19 Data Available From Google And Apple
Big tech firms are lining up to help us get a better handle on the data concerning this pandemic. Data includes who has Covid-19 and how fast and far the virus is ...
Ransomware Targets Company Working On A COVID-19 Vaccine
It's common knowledge that hackers are highly opportunistic and certainly not above targeting children, the sick and the dying if there's money to be made. Even so, attacking a drug company currently ...
Over Half Of All Calls People Receive Are Spam Calls
If you're like most people, you probably get a lot of calls over the course of a week. They're probably calls that you'd just rather not get at all. How many of ...
Zoom Is Working On Security But May Be Too Late
The popular messaging tool called Zoom is having a tough time. According to a recently released memo that circulated through Elon Musk's "SpaceX" company, the company is banning Zoom's use because of ...
