Homepage

Cybersecurity News

Fortinet PureLogs phishing https://www.pexels.com/photo/phishing-awareness-in-digital-security-30885916/

How a Fake Purchase Order Becomes a Full-Scale Enterprise Data Breach

June 09, 2026

Fortinet’s FortiGuard Labs recently discovered a phishing campaign with the goal of stealing sensitive data from target devices using a PureLogs variant. The lure hidden behind business document theming exploits the urgency and routine that…

Drupal CVE-2026-9082 https://www.pexels.com/photo/man-using-laptop-on-the-table-with-cup-of-hot-beverage-2010794/

CVE-2026-9082 and the Hidden Risk in Drupal's Core

June 06, 2026

A recently discovered vulnerability in Drupal Core, tracked as CVE-2026-9082, has been exploited in the wild and added to the United States Cybersecurity and Infrastructure Security Agency’s (CISA) KEV catalog. The vulnerability is an SQL…

claw chain AI vulnerability https://www.pexels.com/photo/intricate-machine-gears-in-industrial-setting-31742337/

Claw Chain Exposes the Blind Spot at the Center of Agentic AI Security

June 02, 2026

Open-source agentic AI platform OpenClaw has undergone rapid adoption since its late 2025 launch. First introduced as Clawdbot, OpenClaw has seen broad enterprise integration across IT automation, customer service, and messaging platforms. With the use…

Twill Typhoon Darktrace https://www.pexels.com/photo/an-abstract-artwork-5870930/

Twill Typhoon Modular Backdoor Rewrites Rules of Detection

June 01, 2026

Chinese-nexus threat actors have long demonstrated patience and operational sophistication. But newly-released research by Darktrace marks something more consequential than another well-executed intrusion. A Twill Typhoon attack documents an adversary that has engineered tooling to…

CISA KEV patching https://www.pexels.com/photo/united-states-capitol-facade-7016960/

How AI Is Collapsing the Federal Patching Window

May 29, 2026

The United States Cybersecurity and Infrastructure Security Agency (CISA) established the Known Exploited Vulnerabilities (KEV) catalog in November 2021 as a resource to aid federal agencies and the public in their efforts to defend against…

Claude Code credential stealer https://www.pexels.com/photo/illuminated-keyboard-with-digital-code-display-37694202/

Fake Claude Code Page Turns Trusted Developer Workflow Into Credential-Stealing Attack

May 26, 2026

A fake Claude Code installation page promoted through sponsored search results delivered an undocumented credential stealer by mimicking a familiar developer workflow, according to new research from Ontinue. Victims looking for Claude Code installation instructions…

email identity AiTM https://www.pexels.com/photo/icons-on-cellphone-screen-8829445/

The AiTM Campaign That Made Your Policies Work Against You

May 22, 2026

A recent large-scale credential theft campaign discovered by Microsoft Defender Research serves as a prime demonstration of how institutional culture can become the attack surface for increasingly sophisticated phishing attacks. The design of the lure…

open source supply chain vulnerability https://pixabay.com/illustrations/chain-chain-link-connection-2364831/

How Open Source CI Workflows Became the New Supply Chain Vulnerability

May 21, 2026

On April 24th, 2026, the Elementary Open Source Python CLI was released containing malicious code, injected by an attacker posting a crafted pull request (PR) comment. The GitHub Actions workflow interpolated the comment into a…

PocketOS Cursor agent database https://www.pexels.com/photo/a-man-in-red-shirt-covering-his-face-3760043/

When Agents Decide to "Fix" It: The Governance Gap in Autonomous AI

May 19, 2026

All it took was the time to read this sentence, or about nine seconds. An AI coding agent wiped out months of customer data essential to the PocketOS SaaS platform and its car rental clients.…

Industry News

Torq Jit AI SOC https://www.pexels.com/photo/futuristic-digital-tunnel-with-bright-led-lights-30547580/

Torq's Acquisition of Jit and the Rise of Context-Driven SecOps

June 08, 2026

Since the inception of AI security operations center (SOC) platforms, they have operated around and struggled against fragmented, context-free data. Architectures that center around security alerts treat each of these events in isolation, stripping out…

Cyera Genie AI https://www.pexels.com/photo/brass-oil-lamp-on-the-table-20122586/

Cyera’s $50M Genie Deal Signals the Rush for AI Security Startups

June 04, 2026

Cyera has acquired Genie Security, a five-person Israeli cybersecurity startup founded only months ago, in a deal reportedly worth about $50 million, underscoring how quickly larger security companies are moving to buy young teams building…

Akamai acquires LayerX https://www.pexels.com/photo/an-artist-s-illustration-of-artificial-intelligence-ai-this-image-visualises-the-benefits-and-flaws-of-large-language-models-it-was-created-by-tim-west-as-part-of-the-visualising-ai-pr-17485738/

Akamai's LayerX Acquisition Redraws the AI Governance Perimeter

June 03, 2026

In the ongoing AI boom, the adoption and implementation of AI tools and agents is rapidly outpacing the rate at which governance instrumentation is being built to contain and manage them. Previously existing controls like…

Cisco acquires Astrix agentic AI identities https://www.pexels.com/photo/an-artist-s-illustration-of-artificial-intelligence-ai-this-image-depicts-how-ai-could-adapt-to-an-infinite-amount-of-uses-it-was-created-by-nidia-dias-as-part-of-the-visualising-ai-pr-17485658/

Why Cisco Paid $400M to Secure the Identities No One Is Watching

May 27, 2026

The broad digital landscape in recent years has seen a massive increase in non-human identities (NHIs), including API and access keys, service accounts, OAuth tokens, and AI agents. These identities now outnumber human users by…

Suzu Labs Emulated Criminals https://pixabay.com/illustrations/security-internet-crime-cyber-4700815/

Suzu Labs Acquires Emulated Criminals to Make the Case That Cybersecurity's Most Critical Decisions Can't Be Automated

May 08, 2026

Enterprise security programs have largely been built around periodic assessments and checkbox frameworks, designed to ensure bare-minimum compliance with regulations to avoid penalties. The annual or quarterly testing cycles accompanying this approach create dangerous blind…

Palo Alto Koi https://pixabay.com/photos/koi-fish-koi-carp-water-japan-4418256/

Why Palo Alto's $400M Koi Acquisition Signals a New Security Imperative

May 06, 2026

Traditional endpoint security measures and tools were built around the assumption of human actors, rendering them ineffective in modern environments. Organizations often extend implicit trust to developer tooling and third-party software rather than dedicating resources…

CyberEdge 2026 Cyberthreat Defense Report

CyberEdge’s 2026 Cyberthreat Defense Report Signals AI-Driven Upheaval for Security Teams

April 28, 2026

The newly released 2026 Cyberthreat Defense Report from CyberEdge Group paints a clear picture: artificial intelligence is no longer just a tool in cybersecurity—it’s a disruptive force reshaping both the threat landscape and the workforce…

Cisco Galileo AI observability agentic visibility https://unsplash.com/photos/a-large-group-of-colorful-balls-floating-in-the-air-AXNZb4FEkh8

Cisco's Acquisition of Galileo and the Rise of Agentic Observability

April 20, 2026

The AI boom continues to bring new developments and shows no sign of stopping anytime soon. Agentic AI systems are now embedded in software development, content creation, and customer support workflows in an effort to…

Fortra Zero-Point Security training https://unsplash.com/photos/code-displayed-on-computer-screens-v-jFS1AsHXo

How Fortra's Acquisition of Zero-Point Security Is Redefining Offensive Security Education

April 15, 2026

The dangerous gap between tool sophistication and operator readiness continues to widen, creating security risks that compound over time. Red team platforms like Cobalt Strike have outpaced available education, making it difficult to adequately conduct…

Subscribe for the Latest News

Webinars

Tuesday, Jun. 16 1pm ET / 10am PT

The $5M Blind Spot: What Happens When You Can’t Tell Good Bots from Bad

Tuesday, Jun. 16 1pm ET / 10am PT

Defining Cyber Resilience with Francis Odum

Wednesday, Jun. 17 1pm ET / 10am PT

The New Era of Cyber Resilience: Mastering Autonomous M365 Recovery and Rubrik Agent Cloud