TLDR IT 2026-06-23

A malware campaign is spreading through compromised WhatsApp accounts using fake business and finance documents that deliver obfuscated VBScript files. If opened on Windows, the script installs ManageEngine Endpoint Central and points it to attacker-controlled servers, giving attackers remote admin access to the victim's PC.

Cisco plans to acquire WideField Security and integrate it into Splunk to improve visibility across human users, non-human identities, sessions, workloads, and AI agents. The goal is to help Splunk correlate identity, endpoint, network, and cloud telemetry so security teams can detect when even authenticated users or approved AI agents are taking risky actions.

Even with LLMs making software cheaper to build, there remains a “zone of viability” where buying SaaS is still more cost-effective than rebuilding it. Novelty and ongoing maintenance make some products rational to purchase.

Identiverse 2026 made clear that enterprises are racing to govern AI agents, but most tools only see the easy parts: registered agents, known studios, Entra Agent ID, OBO events, or managed SaaS platforms. The bigger issue is that agent governance needs application-level visibility, real-time authorization, and a better identity foundation across every actor, access path, app, and delegated credential.

Zoom admins can now see expanded Zoom Rooms statuses in Room Management and the dashboard, including whether a room is available, offline, in a meeting, in a calendar event, presenting, on a call, or under construction.

Flic Mic is a new wireless “push to talk” microphone built on the Flic button platform. It listens only while pressed, supports configurable buttons for AI assistants/home automation, runs on a replaceable coin-cell battery, and uses an open API with no subscription required.

OpenAI expanded Daybreak with Codex Security, GPT-5.5-Cyber, a security partner program, and “Patch the Planet,” all aimed at moving AI security from vulnerability discovery to end-to-end patch automation. Codex Security has already scanned 30M+ commits across 30K+ codebases, while GPT-5.5-Cyber improves performance on cyber benchmarks and is being limited to trusted defenders with stronger access controls.

mdfried is a terminal-based Markdown viewer that renders headers as truly larger text (via supported terminal graphics/text-sizing protocols) rather than simple bold styling. It includes image previews across multiple terminal protocols, paging with search and links, URL opening and transformations, code syntax highlighting, Mermaid rendering, optional PDF support, and theme/config support.

Helmsniff is an open-source Go CLI tool that scans rendered Kubernetes/Helm manifests for security misconfigurations and outputs a CSV or JSON report.

Michelle Szklarska moved from product owner to network engineer after earning her CCNA, highlighting the certification's continued value as a practical foundation for networking careers.