Galactic Research: Articles & Insights
Threat Thursday: June 18th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. Every Thursday we break down the cybersecurity stories that matter most for protecting your organization, with each item split into what happened, what it could mean for you, and what to ...
AI Security
OpenClaw's Marketplace Got Stuffed With Malware. Here's Why That Was Always Going to Happen.
What a Malware-Filled AI Agent Marketplace Tells Us About How the Industry Keeps Making the Same Mistake I've spent the better part of my career watching organizations adopt new technology faster than they can secure it, and documenting what happens ...
The Deepfake Was Convincing. So Was My Backpack.
Why Social Engineering Still Works, Why AI is Making it Sharper, and the One Habit that Stops it In early 2024, an employee at Arup, a global engineering firm, joined a video call with several colleagues, including someone who appeared ...
The Invisible Workforce
The Shadow AI Running Inside Your Clients' Environments and How MSPs Can Get Ahead of It It's Monday morning. A client's controller is on the phone. She spent Friday afternoon cleaning up the vendor list inside their accounting platform's new ...
Threat Intelligence
Threat Thursday: June 18th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. Every Thursday we break down the cybersecurity stories that matter most for protecting your organization, with each item split into what happened, what it could mean for you, and what to ...
Threat Thursday: June 11th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. This week's stories share one theme: the gap between a vulnerability becoming public and a working exploit existing is collapsing toward hours, and the coordinated disclosure process meant to give defenders ...
Threat Thursday: June 4th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. This week's stories have a clear pattern: attackers didn't find obscure entry points or novel techniques but instead went after the things you were already using and already trusting. As always, ...
Security Education
Vulnerabilities Are Now the #1 Way In. The Window to Fix Them Is Closing.
Most of the time, I didn't break into a network so much as let myself in through something with a fix already out (just not installed yet): the VPN concentrator three versions behind, the firewall with a known vulnerability fixed ...
Your OSINT Reality Check: Here’s What an Attacker Is Finding in 30 Minutes or Less
Today’s connected, AI-driven digital ecosystem has made it easier than ever to build a professional brand, network with peers, and share ideas with a wider audience. It’s opened doors for businesses that simply didn't exist before: new customers, new partnerships, ...
Part 2: Threat Actors Don't Pick You. You Just Happen to Be There.
In Part 1, we established that Handala didn't pick Stryker off a strategic target list and then figure out how to break in. They found access, recognized the value, and used it. That's still a deliberate, damaging attack—it just means ...
Strategy & Leadership
Building Trust in Executive Relationships: Lessons from King Lear
A Framework for Establishing the Kind of Trust that Survives Budget Season Imagine the curtain going up and a group of players act out the opening scenes of Shakespeare's King Lear, just for you. An aging king sits in his ...
Your Jokes Were Funny. They Still Didn't Renew.
How MSPs Build the Kind of Client Rapport That Survives a Budget Review You walked out of the meeting feeling good. The handshake was firm, the small talk landed, and you even got a laugh with the printer joke. You ...
Value That Converts: Why Your vCSO Pitch Keeps Getting Pushed to IT
You walked out of that meeting feeling like a closer. Your credentials were on point. You covered the whole stack: EDR, SIEM, MDR, quarterly risk assessments, tabletop exercises, NIST alignment. Your vCSO offering was solid. You even had a phased ...
All Articles
New IRS Tax Scammers Use Personal Data For Big Returns
Recently, the Department of Justice brought charges against Babatunde Olusegun Taiwo for using personal information acquired on the Dark Web. He used the information from data breaches to file fraudulent tax returns ...
New Ransomware Leaks Confidential Data To Public
There's a disturbing emerging trend in the world of hackers who make use of ransomware to extort payment from companies. Increasingly, if a company won't pay, their data that was stolen and ...
Microsoft Releasing New Chromium Based Edge Browser To Users
Microsoft Edge is dead. Long, live Microsoft Edge! The tech giant Microsoft has seen enormous success in a variety of markets, but it never could make a dent in Google's dominance in ...
Messaging Gets Upgrade For Instagram Users
Mark Zuckerberg's social media empire is chasing growth. It's not hard to understand why. Facebook is the world's largest social media platform, with more than 2.4 billion users worldwide. The bigger you ...
New Malware Sends Offensive Texts From Your Phone
Malware tends to be at its most effective when it exists in secret. Under the radar. This is what allows malicious code to burrow deep into an infected system and capture a ...
iPhone Now Works As A Security Key For Google
Google continues to improve security and its user experience in the Apple ecosystem. The most recent update to the company's Smart Lock app on iOS allows users to use their iPhone as ...
Windows 7 Has Reached The End Of Support
Microsoft would like you to know that Windows 7 has reached the end of the road. No more security updates are coming, and there are no more patches or bug fixes. So ...
Wyze User Information Leaked Include Emails And Other Data
Wyze is one of the many manufacturers of consumer-grade smart devices. They recently confirmed that user data belonging to nearly two and a half million of its customers was exposed. The root ...
New Updates To This Malware Made It More Dangerous
If you haven't yet heard of a malware strain called 'Predator the Thief', it's something that belongs on your radar. It first emerged as a threat in July of 2018, when it ...
Upgrade From Windows 7 Now To Avoid Security Risks
By the time you read these words, the last day for Windows 7 support has already come and gone. The date set by Microsoft has been well known to most Windows 7 ...
Landrys Restaurant Chain Latest Victim Of Credit Card Breach
If you're not familiar with Landry's, you're probably familiar with at least some of the restaurants the company owns. The company recently issued a formal 'Notification of Data Breach' in which they ...
New Hacking Method Looks Like A Locked Computer
Scammers have breathed new life into an old scam. For years, the old 'Law Enforcement Lock' trick has been used to cheat unsuspecting victims of their hard-earned money. The new wrinkle works ...
