A new type of cyberattack is bypassing every security tool you’ve invested in — and it starts with a simple Microsoft Teams message. No malware. No exploit. No zero-day. Just someone pretending to be IT support. At the same time, new data shows 73% of ransomware attacks are now entering through VPNs, and small businesses are absorbing an average of $422,000 per incident. Meanwhile, KPMG just released its 8 cybersecurity priorities for 2026, sending a clear message to executives: the biggest risk isn’t technology — it’s leadership. On this episode of Security Squawk, Bryan Hornung, Randy Bryan, and Reginald Andre break down three critical developments every business leader needs to understand right now. This Week’s Cybersecurity Breakdown 1. Microsoft Teams Hack (UNC6692 Attack Campaign) Hackers are impersonating IT support inside Microsoft Teams to gain access to enterprise environments. No software vulnerability exploited Targets C-suite and senior leadership (77% of victims) Uses legitimate platforms like AWS and Heroku to evade detection 2. VPNs Are Now the Front Door for Ransomware (At-Bay 2026 Report) New insurance data reveals a sharp increase in ransomware attacks targeting VPN infrastructure: 73% of attacks originate through VPNs 60% of victims had EDR deployed — and still got hit SonicWall vulnerabilities linked to a significant percentage of attacks Average loss: $422,000 for SMBs 3. KPMG’s 8 Cybersecurity Priorities for 2026 A strategic warning for boards, CEOs, and executives: AI is now an attack surface Non-human identities (APIs, service accounts) are a major blind spot Supply chain attacks are becoming the primary entry point Cybersecurity is no longer an IT issue — it’s a leadership responsibility The Bottom Line The biggest cybersecurity gap today isn’t technical. It’s leadership. You can’t patch employee trust You can’t rely on tools without oversight You can’t delegate cyber risk and expect protection If you’re running a business, this is required awareness. Support the show: buymeacoffee.com/securitysquawk Subscribe for weekly breakdowns of real-world cyber threats, ransomware trends, and executive-level security insights.
