“This is a parallel theme to everything else,” commented Alvarez. “The importance here is that ‘blurring’ means you don’t see it – you don’t know what you’re defending against. You may detect some commonly used commodity malware, assume a criminal attack, nullify the malware and think everything is fine. But if it’s a nation state, they may remain hidden for a very long time.”The importance ofthe report, she says, is that it counters a natural tendency to look at specific threats in isolation. “It’s when we start to look across the different and parallel trends, that we really start to see the big picture.”Understanding the threat is important, but not helpful without a solution. Alvarez effectively mirrors Sun Tzu’s approach: ‘If you know the enemy and know yourself, you need not fear the result of a hundred battles.’“When we speak to clients,” she said, “we think about what industry they are in, where are they operating geographically, what is their attack surface. Each organization has a role in identifying their own critical infrastructure and being able to protect that.” Knowing yourself means understanding what you have that the enemy wants, your brand exposure, any credentials being sold on the dark web, your attack surface, what your attack profile looks like, and which threat actors are likely to target you.Knowing the enemy that is likely to target you is understanding who they are, the footprint they leave, their TTPs, etcetera; and being able to recognize and expel them.The X-Force threat report helps in this by demonstrating that threats should not be considered in isolation – they are not merely isolated parallel threats but often sequentially linked threats leading to a compromise. Not requiring access authentication bypasses most of the other threats. But even if the door is closed it can be opened by stolen credentials. Stealing credentials and using them is exacerbated by AI, which also increases the threat surface, expands the blast radius, and often allows wider supply chain attacks.Finding your credentials on the dark web is a signal of a pending attack, facilitated by AI and possibly your own agentic systems, and potentially widening into a large-scale supply chain or third party dependency attack.Related:Autonomous AI Agents Provide New Class of Supply Chain AttackRelated:Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark ForumsRelated:New ‘Sandworm_Mode’ Supply Chain Attack Hits NPMRelated:Cyber Insights 2026: Cyberwar and Rising Nation State Threats
The importance ofthe report, she says, is that it counters a natural tendency to look at specific threats in isolation. “It’s when we start to look across the different and parallel trends, that we really start to see the big picture.”Understanding the threat is important, but not helpful without a solution. Alvarez effectively mirrors Sun Tzu’s approach: ‘If you know the enemy and know yourself, you need not fear the result of a hundred battles.’“When we speak to clients,” she said, “we think about what industry they are in, where are they operating geographically, what is their attack surface. Each organization has a role in identifying their own critical infrastructure and being able to protect that.” Knowing yourself means understanding what you have that the enemy wants, your brand exposure, any credentials being sold on the dark web, your attack surface, what your attack profile looks like, and which threat actors are likely to target you.Knowing the enemy that is likely to target you is understanding who they are, the footprint they leave, their TTPs, etcetera; and being able to recognize and expel them.The X-Force threat report helps in this by demonstrating that threats should not be considered in isolation – they are not merely isolated parallel threats but often sequentially linked threats leading to a compromise. Not requiring access authentication bypasses most of the other threats. But even if the door is closed it can be opened by stolen credentials. Stealing credentials and using them is exacerbated by AI, which also increases the threat surface, expands the blast radius, and often allows wider supply chain attacks.Finding your credentials on the dark web is a signal of a pending attack, facilitated by AI and possibly your own agentic systems, and potentially widening into a large-scale supply chain or third party dependency attack.Related:Autonomous AI Agents Provide New Class of Supply Chain AttackRelated:Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark ForumsRelated:New ‘Sandworm_Mode’ Supply Chain Attack Hits NPMRelated:Cyber Insights 2026: Cyberwar and Rising Nation State Threats
Understanding the threat is important, but not helpful without a solution. Alvarez effectively mirrors Sun Tzu’s approach: ‘If you know the enemy and know yourself, you need not fear the result of a hundred battles.’“When we speak to clients,” she said, “we think about what industry they are in, where are they operating geographically, what is their attack surface. Each organization has a role in identifying their own critical infrastructure and being able to protect that.” Knowing yourself means understanding what you have that the enemy wants, your brand exposure, any credentials being sold on the dark web, your attack surface, what your attack profile looks like, and which threat actors are likely to target you.Knowing the enemy that is likely to target you is understanding who they are, the footprint they leave, their TTPs, etcetera; and being able to recognize and expel them.The X-Force threat report helps in this by demonstrating that threats should not be considered in isolation – they are not merely isolated parallel threats but often sequentially linked threats leading to a compromise. Not requiring access authentication bypasses most of the other threats. But even if the door is closed it can be opened by stolen credentials. Stealing credentials and using them is exacerbated by AI, which also increases the threat surface, expands the blast radius, and often allows wider supply chain attacks.Finding your credentials on the dark web is a signal of a pending attack, facilitated by AI and possibly your own agentic systems, and potentially widening into a large-scale supply chain or third party dependency attack.Related:Autonomous AI Agents Provide New Class of Supply Chain AttackRelated:Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark ForumsRelated:New ‘Sandworm_Mode’ Supply Chain Attack Hits NPMRelated:Cyber Insights 2026: Cyberwar and Rising Nation State Threats
“When we speak to clients,” she said, “we think about what industry they are in, where are they operating geographically, what is their attack surface. Each organization has a role in identifying their own critical infrastructure and being able to protect that.” Knowing yourself means understanding what you have that the enemy wants, your brand exposure, any credentials being sold on the dark web, your attack surface, what your attack profile looks like, and which threat actors are likely to target you.Knowing the enemy that is likely to target you is understanding who they are, the footprint they leave, their TTPs, etcetera; and being able to recognize and expel them.The X-Force threat report helps in this by demonstrating that threats should not be considered in isolation – they are not merely isolated parallel threats but often sequentially linked threats leading to a compromise. Not requiring access authentication bypasses most of the other threats. But even if the door is closed it can be opened by stolen credentials. Stealing credentials and using them is exacerbated by AI, which also increases the threat surface, expands the blast radius, and often allows wider supply chain attacks.Finding your credentials on the dark web is a signal of a pending attack, facilitated by AI and possibly your own agentic systems, and potentially widening into a large-scale supply chain or third party dependency attack.Related:Autonomous AI Agents Provide New Class of Supply Chain AttackRelated:Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark ForumsRelated:New ‘Sandworm_Mode’ Supply Chain Attack Hits NPMRelated:Cyber Insights 2026: Cyberwar and Rising Nation State Threats
Knowing the enemy that is likely to target you is understanding who they are, the footprint they leave, their TTPs, etcetera; and being able to recognize and expel them.The X-Force threat report helps in this by demonstrating that threats should not be considered in isolation – they are not merely isolated parallel threats but often sequentially linked threats leading to a compromise. Not requiring access authentication bypasses most of the other threats. But even if the door is closed it can be opened by stolen credentials. Stealing credentials and using them is exacerbated by AI, which also increases the threat surface, expands the blast radius, and often allows wider supply chain attacks.Finding your credentials on the dark web is a signal of a pending attack, facilitated by AI and possibly your own agentic systems, and potentially widening into a large-scale supply chain or third party dependency attack.Related:Autonomous AI Agents Provide New Class of Supply Chain AttackRelated:Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark ForumsRelated:New ‘Sandworm_Mode’ Supply Chain Attack Hits NPMRelated:Cyber Insights 2026: Cyberwar and Rising Nation State Threats
The X-Force threat report helps in this by demonstrating that threats should not be considered in isolation – they are not merely isolated parallel threats but often sequentially linked threats leading to a compromise. Not requiring access authentication bypasses most of the other threats. But even if the door is closed it can be opened by stolen credentials. Stealing credentials and using them is exacerbated by AI, which also increases the threat surface, expands the blast radius, and often allows wider supply chain attacks.Finding your credentials on the dark web is a signal of a pending attack, facilitated by AI and possibly your own agentic systems, and potentially widening into a large-scale supply chain or third party dependency attack.Related:Autonomous AI Agents Provide New Class of Supply Chain AttackRelated:Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark ForumsRelated:New ‘Sandworm_Mode’ Supply Chain Attack Hits NPMRelated:Cyber Insights 2026: Cyberwar and Rising Nation State Threats
Finding your credentials on the dark web is a signal of a pending attack, facilitated by AI and possibly your own agentic systems, and potentially widening into a large-scale supply chain or third party dependency attack.Related:Autonomous AI Agents Provide New Class of Supply Chain AttackRelated:Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark ForumsRelated:New ‘Sandworm_Mode’ Supply Chain Attack Hits NPMRelated:Cyber Insights 2026: Cyberwar and Rising Nation State Threats
Related:Autonomous AI Agents Provide New Class of Supply Chain AttackRelated:Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark ForumsRelated:New ‘Sandworm_Mode’ Supply Chain Attack Hits NPMRelated:Cyber Insights 2026: Cyberwar and Rising Nation State Threats
Related:Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark ForumsRelated:New ‘Sandworm_Mode’ Supply Chain Attack Hits NPMRelated:Cyber Insights 2026: Cyberwar and Rising Nation State Threats
Related:New ‘Sandworm_Mode’ Supply Chain Attack Hits NPMRelated:Cyber Insights 2026: Cyberwar and Rising Nation State Threats
Source: SecurityWeek
