What 22,000 breaches teach us about incident preparedness
The 2026 Verizon Data Breach Investigations Report analyzed more than 22,000 confirmed data breaches across 145 […]
Microsoft says you don’t need another email security tool; experts say, not so fast
Despite best efforts by defenders, malicious emails continue to slip through the cybersecurity cracks, leading some […]
China-linked hackers target US, Canada research using legacy REDCap exploits
Google is warning of a cyber espionage campaign linked to a China-nexus threat actor, UNC6508, that […]
Cisco patches SD-WAN flaw amid evidence of active exploitation
Cisco has released fixes for a vulnerability in its Catalyst SD-WAN Manager software after becoming aware […]
Zero trust isn’t broken. Most companies just do it wrong.
Zero trust is 15 years old, and like many teenagers, it can feel misunderstood and underappreciated. […]
Langflow RCE under active attack months after a patch was shipped
Enterprises using the open-source AI orchestration platform Langflow are being urged to patch a high-severity path […]
Attackers can turn AI agent guardrails into denial-of-service weapons
Attackers can turn AI agent guardrails into denial-of-service weapons, according to new research that found a […]
Governing the ghost workforce
Every enterprise security team is fighting a workforce problem they cannot see on any org chart. […]
Sovereign cloud won’t fix your AI risk. Identity governance will
Your board is asking. Your legal team is asking. Your auditors will be asking: Should AI […]
5 runtime signals for catching a compromised AI agent
In June 2025, Simon Willison, the engineer who coined the term “prompt injection,” published a warning […]