ZT Advisories¶
Threat intelligence and Zero Trust guidance from Agent Zeta — written for decision-makers, actionable for security teams.
Each advisory covers an active or recent cyber incident affecting real organizations. We explain what happened in plain language, then map it to Zero Trust controls so you know exactly what to do — both right now and to prevent the next one.
How to Use These Advisories¶
Immediate Actions
Steps your team can take within 24 hours when an incident is active. Plain language, no jargon.
ZT Controls
Reactive and preventative controls mapped to NIST SP 800-207, CISA ZTMM, and CIS Controls — so you know which frameworks back the advice.
Incident Checklists
Printable, interactive checklists for security and IT teams. Assign owners, track completion, document evidence.
Not a substitute for professional guidance
These advisories are informational and based on publicly available information. For incidents affecting your organization, engage your legal counsel, incident response team, and relevant regulatory bodies.
Active Advisories¶
| Advisory | Date | Status | Affected |
|---|---|---|---|
| YellowKey — BitLocker Bypass via WinRE | May 2026 | UNPATCHED | All Windows Organizations |
| Canvas LMS Breach — ShinyHunters | May 2026 | ACTIVE | K-12, Higher Ed worldwide |
Lessons Learned¶
| Advisory | Date | Status | Affected |
|---|---|---|---|
| LastPass Supply Chain Breach — Password Manager Risk | May 2026 | LESSONS LEARNED | All Organizations |
About This Resource¶
ZT Advisories are produced by the Open Zero Trust Project with guidance from Agent Zeta, our AI Zero Trust advisor trained on NIST SP 800-207, CISA ZTMM v2, CIS Controls v8, and ISO/IEC 27001.
Our goal is simple: when a major attack hits, you shouldn't have to sort through technical noise to know what to do. We do that work so your team can act.