Daily Cyber & AI Briefing with Michael Housch. This episode was published automatically and includes the assembled audio plus full transcript.
The cyber and AI risk landscape is evolving at a pace that’s challenging even the most prepared organizations. Today, we’re seeing a rapid escalation in both the sophistication and industrialization of cyber threats, with artificial intelligence now playing a central role on both sides of the equation. AI is empowering defenders, but it’s also giving attackers unprecedented capabilities to automate, scale, and innovate their tactics.
Europol’s latest Internet Organised Crime Threat Assessment, or IOCTA, is a stark reminder of how quickly the threat environment is changing. The report highlights a significant shift toward industrialized cybercrime, where AI isn’t just a tool—it’s a core enabler. Threat actors are using AI to automate everything from reconnaissance and phishing to malware development. This means attacks are not only faster, but they’re also more scalable and harder to detect using traditional methods.
For security leaders, this is a call to action. The old playbook—relying on static defenses and manual processes—isn’t enough. Threat models need to be reassessed, and organizations must invest in AI-driven defensive capabilities. This includes advanced threat intelligence, automated detection, and response systems that can keep pace with adversaries who are leveraging AI at every stage of the attack lifecycle.
Let’s talk about some of the specific threats making headlines right now. The Cybersecurity and Infrastructure Security Agency, or CISA, has issued an immediate directive for federal agencies to patch critical vulnerabilities in Windows and ConnectWise platforms. These aren’t hypothetical risks—these are zero-day vulnerabilities that are actively being exploited in the wild. They’ve been added to CISA’s Known Exploited Vulnerabilities catalog, which means attackers are already using them to compromise systems.
This isn’t just a government problem. These vulnerabilities are likely to be targeted broadly, affecting organizations across sectors. The lesson here is simple: patch management is not optional. It’s foundational. Organizations need to prioritize patching, monitor for signs of compromise, and ensure they have robust processes in place to respond quickly when new vulnerabilities are disclosed.
Another development to watch is the emergence of VECT 2.0, a new ransomware strain that’s targeting multiple operating systems. Unlike earlier generations of ransomware that focused mainly on Windows, VECT 2.0 has cross-platform capabilities. It can hit Windows, Linux, and macOS environments, which is a big concern for organizations with diverse IT infrastructures. This raises the stakes for endpoint protection. Security teams should review their coverage across all operating systems and double down on backup and recovery processes. With ransomware, the ability to restore systems quickly can mean the difference between a minor incident and a business-crippling event.
But the technical threats are only half the story. There’s a growing recognition of what’s being called the “last-mile” problem in AI security. As AI systems become more autonomous—what we refer to as agentic AI—they’re increasingly making decisions and taking actions without direct human oversight. Traditional identity and access management, or IAM, solutions were designed for users and static applications. They’re simply not equipped to handle the unique risks posed by AI agents that can act independently, sometimes outside of predefined workflows.
This gap in controls exposes organizations to new attack vectors and compliance risks. Imagine an AI agent that’s authorized to access sensitive data, but then starts making decisions or sharing information in ways that weren’t anticipated. Legacy IAM can’t effectively govern or contain thes
