GitHub finally pulls the plug on automatic install script execution for npm
The ability for attackers to leverage automatic install script execution in npm will finally come to […]
CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice
Security teams’ patching practices have come under intense pressure over the past year, as active exploitation […]
Ivanti patches critical Sentry flaws that lead to full device takeover
IT software provider Ivanti fixed two vulnerabilities in Ivanti Sentry, a secure mobile gateway appliance formerly […]
Fidelis Deception®: Unified Active Deception Across On-Prem, Endpoint, Network, Cloud, and Hybrid Environments
Key Takeaways Traditional detection tools generate high alert noise, while Fidelis Deception® creates zero-false-positive signals by […]
June Patch Tuesday marks a ‘new normal’ with over 200 CVEs, 32 rated ‘critical’
June’s Patch Tuesday security updates have arrived, with SAP fixing four critical vulnerabilities and Microsoft addressing […]
Microsoft feud escalates as researcher drops new Windows zero-day
The long-running feud between Microsoft and security researcher Nightmare Eclipse has entered a new chapter. Eclipse, […]
The AI Governance Imperative: Why Encryption Is the Foundation, Not the Afterthought
Artificial Intelligence is rapidly transitioning from isolated pilot projects to enterprise-wide deployment. Banks, hospitals, manufacturers, telecommunications […]
Autonomous AI agents duped into leaking sensitive data in phishing test
AI agents given access to corporate email and business applications could become a new phishing target […]
AI red teaming comes of age
When Ram Shankar Siva Kumar launched Microsoft’s AI red team in 2019, the discipline barely existed. […]
UK move to filter photos and messages triggers encryption worries for CISOs
UK Prime Minister Keir Starmer’s speech on Monday insisting that tech companies create device controls to […]