CISOs Face a Tighter Insurance Market in 2026
Insured entities are becoming more sophisticated in their views on how cyber policies fit into their broader risk management plans.
Advisor360 Gets a Handle on Shadow AI via Automation
With employees looking for the benefits of artificial intelligence, a fintech company stepped up controls with automation.
_designer491_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Startup Trends Shaking Up Browsers, SOC Automation, AppSec
These startups reimagined browser security, pioneered application security for AI-generated code, and are building consensus on agentic vs. human costs.
ClickFix Campaign Serves Up Fake Blue Screen of Death
Threat actors are using the social engineering technique and a legitimate Microsoft tool to deploy the DCRat remote access Trojan against targets in the hospitality sector.
Scattered Lapsus$ Hunters Snared in Cyber Researcher Honeypot
Scattered Lapsus$ Hunters, also known as ShinyHunters, were drawn in using a realistic, yet mostly fake, dataset.
Lack of MFA Is Common Thread in Vast Cloud Credential Heist
An emerging threat actor that goes by "Zestix" used an assortment of infostealers to obtain credentials and breach file-sharing instances of approximately 50 enterprises.
DDoSia Powers Affiliate-Driven Hacktivist Attacks
Pro-Russian group NoName057(16) uses a custom denial-of-service tool to mobilize volunteers and disrupt government, media, and institutional sites tied to Ukraine and the West.
Cyberattacks Likely Part of Military Operation in Venezuela
Cyber's role in the US raid on Venezuela remains a question, though President Trump alluded to "certain expertise" in shutting down the power grid in Caracas.
Phishers Exploit Office 365 Users Who Let Their Guard Down
Microsoft said that Office 365 tenants with weak configurations and who don't have strict anti-spoofing protection enabled are especially vulnerable.
Attackers Exploit Zero-Day in End-of-Life D-Link Routers
Hackers are attacking a critical zero-day flaw in unsupported D-Link DSL routers to run arbitrary commands.
Here's What Cloud Security's Future Holds for the Year Ahead
Here are the top cloud security trends I'm seeing in my crystal ball for the New Year — particularly arming us for AI adoption.
ChatGPT's Memory Feature Supercharges Prompt Injection
The "ZombieAgent" exploit makes use of ChatGPT's long-term memory and advanced capabilities.