The inbox has long been the softest entry point in enterprise security. As phishing campaigns grow more convincing, more personalised, and increasingly powered by generative AI, the tools designed to stop them have been locked in a reactive cycle: wait for the attack, analyse it, respond. IRONSCALES, the Atlanta-based email security vendor, is betting that cycle is about to break.

Ahead of this week’s RSA Conference in San Francisco, the company announced a new threat intelligence initiative alongside live demonstrations of the three AI agents it shipped in its Winter 2026 platform release. Together, the moves represent IRONSCALES’ push to reposition itself from a detection vendor into something closer to a preemptive security partner, one that models attacks before they arrive rather than cataloguing them after the fact.

What the new intelligence series actually does

The “Email Attack of the Day” series, which IRONSCALES is debuting at RSAC 2026, draws on anonymised threat data from its network of more than 17,000 customer organisations. The concept is straightforward: surface real-world email attack patterns as they emerge, publish them with technical context, and give security teams the intelligence to recognise new tactics before they proliferate.

It is not an entirely novel format. Other vendors publish threat advisories and campaign breakdowns routinely. But IRONSCALES is framing the series as a complement to its broader shift toward what it calls “Phishing 3.0” defences, where intelligence feeds directly into adaptive detection rather than sitting in a separate research silo.

Three AI agents, one architecture

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!

The centrepiece of the RSAC demonstrations will be the three AI agents IRONSCALES introduced in its Winter 2026 release earlier this month: Red Teaming, Phishing SOC, and Phishing Simulation. Each is purpose-built rather than layered on top of a general-purpose large language model, a design choice Audian Paxson, principal technical strategist at the company, has described as more efficient for encoding domain-specific expertise.

The Red Teaming agent performs continuous reconnaissance against an organisation’s public footprint, scanning everything from social media presence to executive communications and org charts. It then generates tailored attack simulations and feeds them into the platform’s detection models. The idea is to harden defences against the specific phishing campaigns an attacker would build for that particular organisation, not just the generic threats circulating broadly.

The Phishing SOC agent, meanwhile, handles forensic investigation of suspicious emails. IRONSCALES says it delivers what amounts to a Level 2 analyst’s assessment in minutes, examining five investigative tracks and producing a verdict that would otherwise consume hours of human analyst time. For managed service providers juggling dozens of client environments, the speed difference matters.

The third agent, Phishing Simulation, takes the reconnaissance data gathered by its Red Teaming counterpart and uses it to create hyper-personalised training simulations. Rather than recycling generic phishing templates, it targets an organisation’s highest-risk employees with scenarios drawn from real OSINT data and delivered in their native language.

The wider context: an arms race that favours the attacker

IRONSCALES is making these moves against a backdrop that has grown considerably more hostile. According to research cited in the company’s own announcements, 88 per cent of organisations report falling victim to AI-powered security incidents within the past 12 months. KnowBe4’s 2025 Phishing Threat Trends Report found that more than 82 per cent of phishing emails analysed contained indicators of AI assistance. A Hoxhunt analysis documented a 14-fold surge in AI-generated phishing over the 2025 holiday period alone.

The economics have shifted, too. Where crafting a convincing spear-phishing campaign once required time and skill, generative AI has compressed the effort to minutes and a handful of prompts. IBM security researchers demonstrated that AI could build a phishing campaign as effective as one created by human experts, needing just five prompts instead of 16 hours of work.

RSAC 2026 itself reflects this anxiety. Agentic AI, the category of autonomous systems capable of planning and executing multi-step operations, dominates this year’s conference agenda. Microsoft’s keynote addresses securing AI agents at enterprise scale. Multiple vendors are unveiling deepfake detection tools. The conversation has moved decisively from whether AI will reshape email security to how quickly defenders can close the gap.

Encryption and deepfake protection round out the release

Beyond the AI agents, the Winter 2026 release includes integrated email encryption for outbound messages, a feature IRONSCALES designed to address compliance requirements without adding friction. The system applies encryption through two modes: policy-based protection for regulated content and user-initiated encryption for sensitive workflows.

The release also extends the company’s deepfake protection for Microsoft Teams, which IRONSCALES first introduced in 2025. Enhanced voice detection now learns employee voice patterns passively from normal meeting participation, flagging impersonation attempts even when cameras are switched off. It is a notable addition given that deepfake-driven fraud increased more than 700 per cent year over year, according to Cyble’s 2025 Executive Threat Monitoring data, and Gartner surveys indicate that 62 per cent of organisations experienced a deepfake attempt in the past year.

From reactive to preemptive, at least in theory

The underlying pitch from IRONSCALES is a closed-loop architecture: reconnaissance feeds detection, detection feeds training, and training feeds back into better recognition. Eyal Benishti, the company’s CEO, has described the approach as distinct from competitors who use OSINT-driven attack generation solely for employee training. IRONSCALES, he argues, uses it to improve detection first.

Whether that distinction proves meaningful in practice will depend on how the agents perform at scale across diverse customer environments. The email security market is crowded, and the claim of preemptive protection is one that several vendors are now making simultaneously. But the architectural bet, purpose-built agents feeding a shared adaptive model trained on data from 17,000 organisations, is at least a testable proposition.

Attendees at RSAC 2026 can see the platform demonstrated live at Booth #4600 in the North Expo. For everyone else, the real test will be whether the next wave of AI-powered phishing campaigns encounters defenders who saw them coming.

Looking for the most recent regular Connections answers? Click here for today’s Connections hints, as well as our daily answers and hints for The New York Times Mini Crossword, Wordle and Strands puzzles.

Today’s Connections: Sports Edition is a mixed bag. I enjoyed the blue group, which matches up people with the same first name. If you’re struggling with today’s puzzle but still want to solve it, read on for hints and the answers.

Connections: Sports Edition is published by The Athletic, the subscription-based sports journalism site owned by The Times. It doesn’t appear in the NYT Games app, but it does in The Athletic’s own app. Or you can play it for free online.

Read more: NYT Connections: Sports Edition Puzzle Comes Out of Beta

Hints for today’s Connections: Sports Edition groups

Here are four hints for the groupings in today’s Connections: Sports Edition puzzle, ranked from the easiest yellow group to the tough (and sometimes bizarre) purple group.

Yellow group hint: Strike!

Green group hint: Fire it in there!

Blue group hint: Like Springsteen.

Purple group hint: Great force.

Answers for today’s Connections: Sports Edition groups

Yellow group: Found in a bowling alley.

Green group: Baseball pitches.

Blue group: Famous Bruces.

Purple group: Power ____.

Read more: Wordle Cheat Sheet: Here Are the Most Popular Letters Used in English Words

What are today’s Connections: Sports Edition answers?

The yellow words in today’s Connections

The theme is found in a bowling alley. The four answers are bowling ball, bumper, gutter and pin.

The green words in today’s Connections

The theme is baseball pitches. The four answers are changeup, cutter, slider and slurve.

The blue words in today’s Connections

The theme is famous Bruces. The four answers are Bowen, Lee, Smith and Sutter.

The purple words in today’s Connections

The theme is power ____. The four answers are forward, hitter, lifter and play.

An entire S$150 million industry is being built around fresh pet food in Singapore

For decades, the answer to feeding your pet was simple: open a bag of kibble, scoop some into a bowl, and that’s it—you were done.

Dry kibble has always dominated the global pet food market, and Singapore is no exception. It is cheap to produce, easy to store, and heavily marketed. For most pet owners, it has simply always been “the way.”

But increasingly, pet owners are asking harder questions. What exactly goes into those brown pellets? What is their nutritional value? And why do so many pets, even on premium kibble, still suffer from chronic ailments?

For a growing number of Singapore pet owners, the answer has been to ditch the bag entirely. They are turning to fresh pet food—minimally processed, human-grade meals made from real ingredients like sous vide chicken and bone broth. It costs a lot more, but they’re willing to splurge.

To meet the demand, a new wave of local brands has emerged, reshaping a market that, for decades, had remained largely unchanged.

Among them are PetCubes and BOM BOM: two Singapore-based fresh pet food companies that are both seeing market traction that their founders could not have anticipated when they first started out.

Taking pet nutrition to a new level

For Dr Francis Cabana, Director of Nutrition at PetCubes, the journey into pet food began far from domestic kitchens.

With a PhD in Animal Nutrition, his career has spanned zoos and rescue centres around the world, eventually bringing him to Mandai, where he worked with the Singapore Zoo. There, he began consulting for a local pet food startup—PetCubes—which would later become his full-time focus.

Founded in 2013, PetCubes claims to be Singapore’s first fresh pet food company, entering the market at a time when the concept was virtually unheard of.

“Back then, pet owners really only had two options: highly processed kibble or time-consuming home cooking,” he shared. “We wanted to bridge that gap with something that was both convenient and biologically appropriate.”

But being first came with challenges. Early growth was slow, and convincing pet owners and even veterinarians required extensive education.

“Every conversation was a hard-fought battle,” he said. “We were essentially teaching the market from scratch.”

Over time, however, that persistence paid off. Today, PetCubes operates its own ISO 22000 and HACCP-certified facility in Singapore and has expanded across Hong Kong and Malaysia. It has also achieved a milestone few fresh pet food brands can claim: being stocked in veterinary clinics locally.

While PetCubes emerged from industry expertise, BOM BOM was born out of a deeply personal experience.

Its founder and CEO, Jason Wang, didn’t set out to start a business. In fact, he was preparing for retirement when his dog, Kyubi, began suffering from a host of chronic health issues, from digestive problems to joint conditions.

Frustrated by the lack of clear answers from conventional treatments, Jason began researching pet nutrition himself.

“What started as a personal journey quickly became a much bigger realisation,” he explained. “Many of the issues Kyubi faced were linked to diet, specifically, highly processed kibble.”

Unable to find a product that met his standards, Jason began preparing fresh meals himself. The results were dramatic: within weeks, Kyubi showed visible improvements in his digestion, skin, and energy levels, to the point where friends began asking him to prepare meals for their pets as well.

Eventually, the kitchen-based passion project he started in 2016 became BOM BOM, formally established in 2017.

Today, the company serves around 10,000 customers in Singapore and operates a 5,000 sq ft SFA-licensed facility in Tiong Bahru. It also has a presence in South Korea, with a 9,000 sq ft factory set up in Seoul to cater to its customers there.

The business’s growth has been largely bootstrapped, expanding at over 30% CAGR over the past decade, shared Jason.

What really goes into the bowl

The shift towards cooked pet food is driven largely by pet humanisation: the idea that pets are family members deserving of the same quality of care and nutrition as humans.

While dry kibble still dominates due to convenience and affordability, its growth has plateaued. In contrast, the fresh and cooked pet food segment—still only about 10–20% of the market, according to Jason—is expanding rapidly.

The fresh dog food market in Singapore was estimated to have reached about S$150 million in 2025, driven by rising pet ownership and premiumisation trends.

Pet owners who have made the switch are noticing real, tangible changes in their pets’ health.

Dr Francis notes that after just three days on PetCubes, pets’ stools become smaller, darker, and less odorous—a clear sign their bodies are absorbing real nutrition instead of passing synthetic fillers.

PetCubes achieves these results through its thoughtfully crafted menu, which features 12 single-protein options ranging from rabbit and venison to crocodile and even insects.

Each meal is “gently cooked” at 75–80°C for at least 45 minutes—a low-and-slow method that eliminates pathogens while preserving delicate nutrients like vitamins, antioxidants, and proteins, which are often destroyed during the high-heat extrusion process used for kibble. The brand also offers raw options for pets that prefer an uncooked diet.

On the other hand, BOM BOM focuses on customised nutrition. Each meal is crafted on demand for individual pets based on age, breed, activity level, and specific health conditions.

Its smart factory rigorously checks portioning, fat content, and ingredient quality, while lab-tested produce and strict farm-to-bowl SOPs ensure freshness and safety.

This precision-led approach means pets often see measurable improvements in digestion, energy, coat health, and even chronic conditions—demonstrating the benefits of nutrition tailored to the individual rather than a one-size-fits-all formula.

Making an impression on the traditional market

As the category grows, so does competition.

New fresh, frozen, and freeze-dried brands are entering the market at an accelerating pace, offering pet owners a wider range of options than ever before. But perhaps the most telling sign of disruption is how traditional players are responding.

According to Dr Francis, major kibble brands have begun adopting language like “raw-inspired” and “ancestral feeding”—a shift he sees as validation rather than competition.

“When billion-dollar companies start mimicking your messaging, it proves that the demand for less processed, natural food has truly made an impression on the traditional market,” he said.

“The disruption is happening because we’ve raised the bar on what a pet’s bowl should look like, and now the rest of the industry is trying to keep pace.”

Jason echoes a similar sentiment but adds that the next phase of growth must go deeper.

Right now, there are no consistent standards defining what “fresh” actually means. As a result, brands can label their products as fresh without ensuring they are truly nutrient-dense or biologically appropriate.

“The industry needs to move beyond using fresh as a marketing term. We need clearer nutritional standards, greater transparency, and better education on long-term health outcomes.”

A market still finding its feet

While both PetCubes and BOM BOM see fresh feeding as still being in its early stages, the opportunities for growth are undeniable.

In Singapore, both brands are actively expanding their presence to reach more mainstream consumers. PetCubes has strengthened its footprint in major retailers like Pet Lovers Centre, while continuing to grow its online and subscription channels.

It has already seen striking growth. “We’ve grown our revenue by over 400%,” said Dr Francis, adding that the business produces “hundreds of thousands of fresh meals” annually.

BOM BOM, on the other hand, is extending beyond its direct-to-consumer model with selective retail partnerships and broader e-commerce availability, ensuring pet owners can access fresh, personalised meals more conveniently.

For both brands, expansion isn’t just about sales—it’s about making science-backed or precision-led fresh nutrition widely accessible.

But challenges remain.

Fresh food comes with higher production costs, including sourcing premium, human-grade ingredients. Cold chain logistics are critical to ensure meals remain safe and nutritious, but add complexity to distribution. Shelf lives are also shorter compared to traditional kibble, which requires careful inventory management and can limit mass adoption.

Additionally, the need for consumer education is ongoing. Many pet owners are still unfamiliar with fresh feeding or hesitant to move away from conventional options.

Still, if current trends are anything to go by, the trajectory is clear: the demand for fresh pet food is rising, and the market is ripe for growth.

• Read other articles we’ve written on Singaporean businesses here.

Featured Image Credit: @trufflewhuffle via Instagram/ BOM BOM

With its incredibly expressive and vibrant art direction, there’s a lot to like about extraction shooter Marathon from an aesthetic standpoint. Its own brand of brightly colored science fiction is a sight to behold, and there’s a real sense of wonder in the first few hours as you explore each of the three early maps, soaking it all in.

Developed by Bungie, the original creators of Halo, it should come as no surprise that the gunplay is well-crafted and compelling, with a strong variety of meaningfully distinct weapon types to try out. They’re great-looking, like the rest of the world, too, with striking, blocky, 3D printed designs that really help sell the distant future setting.

Anthropic announced today that its Claude Code and Claude Cowork tools are being updated to accomplish tasks using your computer. The latest update will see these AI resources become capable of opening files, using the browser and running dev tools.

When enabled, the Claude AI chatbot will first prioritize connectors to supported services such as the Google workplace suite or Slack, but if a connector isn’t available, it will be able to still execute an assigned task. Claude should ask for permission before taking these actions, but Anthropic still recommended not using this feature to handle sensitive information as a precaution.

Claude computer use will initially be available to Claude Pro and Claude Max subscribers on macOS. This feature is still in a research preview, so will continue to be adjusted based on Anthropic’s user feedback. It will also support use with Anthropic’s Dispatch feature, which allows a person to message the chatbot in a single continuous conversation across phone and desktop.

Claude Cowork was introduced in January. It’s an iteration of the Claude Code AI agent for programmers that is designed for more casual users.

Mazda Motor Corporation (Mazda) announced that information belonging to its employees and business partners had been exposed in a security incident detected last December.

Mazda is one of Japan’s largest automotive manufacturers, with an annual production of 1.2 million vehicles and revenue of nearly $24 billion.

The company said the attackers exploited a vulnerability in a system related to warehouse management for parts procured from Thailand. The system did not contain any customer data. Also, the breach is limited to 692 records.

“Mazda Motor Corporation has identified traces of unauthorized external access to a management system used for warehouse operations related to parts procured from Thailand,” reads Mazda’s announcement.

“Following this discovery, the Company promptly reported the matter to the Personal Information Protection Commission – an external bureau of the Japanese Cabinet Office – and implemented appropriate security measures and conducted an investigation in cooperation with an external specialist organization.”

The investigation revealed that the potentially exposed information includes the following data types:

• User IDs
• Full names
• Email addresses
• Company names
• Business partner IDs

Although Mazda says it has detected no misuse of that information, the company recommends that impacted individuals remain vigilant because the risk of phishing attacks and scams targeting them is significant.

Apart from notifying the authorities, Mazda also implemented additional security measures on its IT systems, including reducing internet exposure, applying security patches, increasing monitoring for suspicious activity, and introducing stricter access policies.

At the time of writing, no ransomware group has publicly claimed the attack on the Japanese company.

BleepingComputer has contacted Mazda to learn more about the incident, and we will update this post with an official response as soon as it reaches us.

Although a data breach was never officially confirmed by Mazda, the Clop ransomware group in November 2025 posted Mazda.com and MazdaUSA.com on its data leaks site, claiming it compromised both the Japanese automaker and its U.S. subsidiary.

Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.

Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.

Download The Report

If you’ve ever run a game server or used BitTorrent, you probably know that life is easier if your router supports UPnP (Universal Plug and Play). This is a fairly old tech — created by a standards group in 1999 — that allows a program to open an incoming port into your home network. Of course, most routers let you do this manually, but outside of the Hackaday universe, most people don’t know how to log into their routers, much less how to configure an open UDP port.

I recently found myself using a temporary setup where I could not access the router directly, but I needed some open ports. That got me thinking: if a program can open a port using UPnP, why can’t I? Turns out, of course, you can. Maybe.

Caveats

The first thing, of course, is that you need your firewall open, but that’s true no matter how you open up the router. If the firewall is in the router, then you are at the mercy of the router firmware to realize that if UPnP opens something up, it needs to open the firewall, too.

You might think, “Of course it will do that.” However, I’ve found there is a lot of variation in the firmware from different vendors, and if you aren’t in control of the router, it is more likely to have buggy firmware.

The other caveat is that the router needs UPnP enabled; if it isn’t and you have to get into it anyway, you might as well set up port forwarding in the usual way. I was in luck. The router I was behind had UPnP turned on.

In Theory

There are several libraries aimed at working with UPnP and many of them come with simple test clients. I decided to install miniupnpd, which has the upnpc utility. You don’t have to be root to run it. In theory, it should be very simple to use. You can use -l to list all the router’s current UPnP ports. The -a option adds a port, and -d deletes it. There are a few other options, but that covers most of the common use cases.

So, to open external port 2222 to port 22 on 192.168.1.133 you should be able to say:

upnpc -e 'HaD Test' -a 192.168.1.133 22 2222 tcp 3600

The -e option lets us make up a creative title for the mapping. The 3600 is the number of seconds you need the port open. Easy, right? Well, of course not.

Under the Hood

UPnP covers several different areas, including IP assignment and streaming media. However, the part of it we are using is for NAT traversal. Your router identifies as an Internet Gateway Device that other UPnP-aware programs can locate.

Unfortunately, there are two versions of the gateway device specification, and there are many compatibility problems. You are also at the mercy of the vendor’s correct interpretation of the spec.

UPNP has been known to be a security risk. In 2011, a tool appeared that let some UPnP devices map ports when asked from outside your network. Easy to imagine how that could be a bad thing.

UPNP devices advertise services that others can use, and, hopefully, your router advertises that it is a gateway. The advertisement itself doesn’t tell you much. But it does let you fetch an XML document that describes the device.

For example, part of my XML file looks like this:

11urn:schemas-upnp-org:device:InternetGatewayDevice:1OpenWRT routerOpenWRT
http://www.openwrt.org/OpenWRT routerOpenWRT router1
http://www.openwrt.org/00000000uuid:00000000-0000-0000-0000-000000000000
urn:schemas-upnp-org:service:Layer3Forwarding:
1urn:upnp-org:serviceId:L3Forwarding1/L3F.xml/ctl/L3F/evt/L3Furn:
schemas-upnp-org:device:WANDevice:1WANDeviceMiniUPnPhttp://miniupnp.free.fr/WAN DeviceWAN Device20260105
...

In Practice

There are a few strange things about the way upnpc works. First, when you do a list, you’ll get an error at the end. Apparently, that’s normal. The program simply asks for entry zero, one, two… until it gets an error (a 713 error).

However, when I tried to add an open port to this particular router, it always failed, giving me an error that implied that the port was already in use. Of course, it wasn’t.

Through experimentation, I figured out that the UPnP service on the router (the one I can’t get into) isn’t running as root. So any port number less than 1,024 is unmappable in either direction. Of course, this may not be a problem for you if you have a sane router. You could argue whether this is a bug or not, but it certainly didn’t give a good error message.

Testing, One, Two…

Just to do a simple test, I issued the following command. (with my firewall off, just for testing):

upnpc -e HADTEST -a 192.168.1.133 8022 8023 tcp 3600

I verified the port opening using the -l option. Then I stood up a really dumb telnet-style server on the local port (8022):

socat readline TCP-LISTEN:8022,reuseaddr,fork

From a machine on another network, I issued a telnet command to my public IP (198.37.197.21):

telnet 198.37.197.21 8023

Of course, I could have used 8022 for both ports, but I wanted it to be clear which argument was which. At this point, typing some things on the remote machine should show right up on the local machine, punching through the firewall.

In case you forgot, you can escape out of Telnet using Control-] and then a “q” will close the program. You can also just terminate the socat program on the local side.

More Than One Way

It is a bummer I couldn’t open up an ssh port using this method, although you can run sshd on a high port and get there that way. But it is better than nothing. Better still would have been to replace the router, but that wasn’t an option in this case.

There are other tools out there if you are interested. NAT-PMP is easy to use from Python, for example. There’s also something called PCP (not the performance co-pilot, which is something else). Many routers don’t support either of these, and we hear that implementations are often buggy, just like UPnP.

For the record, NAT-PMP didn’t give me a better error message, either. So the moral is this: if you can, just punch a hole in your router the old-fashioned way. But if you can’t. Linux almost always gives you another option.