As 2026 finds CISOs’ battle against relentless cyberattackers escalating once again, strong and carefully planned cybersecurity projects are the best way to stay a step ahead of attackers and prevent…
Many software and SaaS companies are building AI agents into their products, but these features can expand the attack surface of those platforms, especially when rushed to market. A privilege…
Cybersecurity researchers have disclosed a cross-site scripting (XSS) vulnerability in the web-based control panel used by operators of the StealC information stealer, allowing them to gather crucial insights on one…
In my recent conversation with CISOs across Southeast Asia, they shared with me a pragmatic view of 2026. Attackers are shifting tactics, AI is amplifying both risk and response, and…
Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta. In addition, the group’s alleged leader, a 35-year-old Russian…
OpenAI on Friday said it would start showing ads in ChatGPT to logged-in adult U.S. users in both the free and ChatGPT Go tiers in the coming weeks, as the…
A new Top 10 Cybersecurity Innovators profile by AppGuard has been released, spotlighting growing concerns over AI-enhanced malware. AI makes malware even more difficult to detect. Worse, they use AI…
CVE-2025-64155, a command injection vulnerability, was disclosed earlier this week and quickly came under attack from a variety of IP addresses. – Read More
Better late than never. Cisco this week patched a ‘critical’ zero-day flaw in the company’s email security and management gateways that has hung over customers’ heads since December. Tracked as…
The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that’s designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 archives.…
Security professionals are moving on up the executive ranks as enterprises face rising regulatory and compliance standards. – Read More
The finding of fresh privilege-escalation vulnerabilities in Google’s Vertex AI is a stark reminder to CISOs that managing AI service agents is a task unlike any that they have encountered…
Cybersecurity researchers have discovered five new malicious Google Chrome web browser extensions that masquerade as human resources (HR) and enterprise resource planning (ERP) platforms like Workday, NetSuite, and SuccessFactors to…
Pacific Northwest National Labs’ expert cybersecurity system, ALOHA, can recreate attacks and test them against organizations’ infrastructure to bolster defense. – Read More
Security researchers have confirmed active exploitation of a maximum-severity privilege escalation flaw in the widely used Modular DS plugin, a tool used to monitor, update, and manage multiple WordPress sites…