Galactic Research: Articles & Insights
Threat Thursday: June 18th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. Every Thursday we break down the cybersecurity stories that matter most for protecting your organization, with each item split into what happened, what it could mean for you, and what to ...
AI Security
OpenClaw's Marketplace Got Stuffed With Malware. Here's Why That Was Always Going to Happen.
What a Malware-Filled AI Agent Marketplace Tells Us About How the Industry Keeps Making the Same Mistake I've spent the better part of my career watching organizations adopt new technology faster than they can secure it, and documenting what happens ...
The Deepfake Was Convincing. So Was My Backpack.
Why Social Engineering Still Works, Why AI is Making it Sharper, and the One Habit that Stops it In early 2024, an employee at Arup, a global engineering firm, joined a video call with several colleagues, including someone who appeared ...
The Invisible Workforce
The Shadow AI Running Inside Your Clients' Environments and How MSPs Can Get Ahead of It It's Monday morning. A client's controller is on the phone. She spent Friday afternoon cleaning up the vendor list inside their accounting platform's new ...
Threat Intelligence
Threat Thursday: June 18th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. Every Thursday we break down the cybersecurity stories that matter most for protecting your organization, with each item split into what happened, what it could mean for you, and what to ...
Threat Thursday: June 11th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. This week's stories share one theme: the gap between a vulnerability becoming public and a working exploit existing is collapsing toward hours, and the coordinated disclosure process meant to give defenders ...
Threat Thursday: June 4th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. This week's stories have a clear pattern: attackers didn't find obscure entry points or novel techniques but instead went after the things you were already using and already trusting. As always, ...
Security Education
Vulnerabilities Are Now the #1 Way In. The Window to Fix Them Is Closing.
Most of the time, I didn't break into a network so much as let myself in through something with a fix already out (just not installed yet): the VPN concentrator three versions behind, the firewall with a known vulnerability fixed ...
Your OSINT Reality Check: Here’s What an Attacker Is Finding in 30 Minutes or Less
Today’s connected, AI-driven digital ecosystem has made it easier than ever to build a professional brand, network with peers, and share ideas with a wider audience. It’s opened doors for businesses that simply didn't exist before: new customers, new partnerships, ...
Part 2: Threat Actors Don't Pick You. You Just Happen to Be There.
In Part 1, we established that Handala didn't pick Stryker off a strategic target list and then figure out how to break in. They found access, recognized the value, and used it. That's still a deliberate, damaging attack—it just means ...
Strategy & Leadership
Building Trust in Executive Relationships: Lessons from King Lear
A Framework for Establishing the Kind of Trust that Survives Budget Season Imagine the curtain going up and a group of players act out the opening scenes of Shakespeare's King Lear, just for you. An aging king sits in his ...
Your Jokes Were Funny. They Still Didn't Renew.
How MSPs Build the Kind of Client Rapport That Survives a Budget Review You walked out of the meeting feeling good. The handshake was firm, the small talk landed, and you even got a laugh with the printer joke. You ...
Value That Converts: Why Your vCSO Pitch Keeps Getting Pushed to IT
You walked out of that meeting feeling like a closer. Your credentials were on point. You covered the whole stack: EDR, SIEM, MDR, quarterly risk assessments, tabletop exercises, NIST alignment. Your vCSO offering was solid. You even had a phased ...
All Articles
Private Twitter Files May Have Been Cached In Firefox
Are you a regular Twitter user? More specifically, are you a regular Twitter user who also prefers the Firefox web browser? If so, be advised that Twitter recently disclosed a new bug ...
Over 5 Million Marriott Customers Vulnerable In Latest Data Breach
Are you a frequent guest at Marriott hotels? If so, be advised that the company has recently reported a massive data breach that could impact up to 5.2 million guests who have ...
Should You Put Your Cybersecurity To The Test?
You’re probably familiar with the concept of “trust but verify”. When it comes to security you do this all the time. Maybe you don’t test the limits of a lot of things ...
Huge Increase In Phishing And Malware Attacks Using Coronavirus
Around the world, hundreds of millions of people are terrified of the current pandemic that's raging. Most of those are currently self-quarantining at home and limiting their social contacts. Everyone is hungry ...
Google Data Shows Impacts Of Covid-19 Shelter In Place Precaution
Google is using the massive footprint in the smartphone ecosystem to help people understand the impacts that social distancing is having in the face of the global pandemic. Their new global Community ...
Crowded WiFi Networks Could Get Better Pending FCC Vote
Wireless connectivity is becoming a victim of its own success. Every year, the appetite for bandwidth grows, but of course, there's only so much to go around. The recent shelter in place ...
Office 365 Making Changes To Accommodate Millions Working From Home
Recently, Netflix announced that it was scaling back its streaming speeds to better handle the increased load brought on by millions of people around the world sitting at home due to the ...
Some HP Devices May Fail After 30,000 Hours Of Use
Late last year, Hewlett Packard Enterprise (HPE) issued a warning about some of the Solid State Drives they manufacture. The warning was that unless users downloaded a patch to the drive's firmware, ...
iOS Update Includes iPhone And iPad Features And Fixes
If you don't normally prioritize updating your iPhone and iPad OS, you're probably going to want to shift gears and grab version 13.4 as soon as possible. The latest versions of both ...
Is Zoom Safe For Work?
It’s all over the news. Hackers storming online classrooms, board meetings, yoga classes and even happy hours in search of ‘video-bombing’ or disrupting your next online video conference with mayhem. Over the ...
Employees Working From Home Turn To VPN During COVID
It's no secret that the global pandemic we're all living through has changed a great many things about both work and home life. For one thing, work and home life are often ...
Be On The Lookout As Astaroth Malware Makes A Comeback
Are you familiar with Astaroth? If you're a data security professional, you've probably at least heard the name. The group gained some notoriety last year when it came to light that they ...
