Microsoft changes how Defender for Endpoint EDR updates are delivered on Windows
Microsoft will distribute Defender for Endpoint EDR updates through Microsoft Update, enabling EDR security improvements to be released independently of mont...
General
20 articles
Operationalizing AWS security: A maturity roadmap
Enabling security tooling is the starting point. Making it operational—where findings drive decisions, response times are measurable, and your security postu...
Critical Infrastructure: The Risk Hiding in Plain Sight - Jason Manar - CSP #225
AI brands as bait: How threat actors are using the AI hype in social engineering
As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. T...
Critical UniFi OS bug lets hackers gain root without authentication
Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root privileges and without authenticatio...
How managing digital identities has become critical to agentic AI projects
Teams need identity systems that have access control, the ability to limit and revoke privileges, and auditability.
Everybody Is Vibe Coding But Nobody Told the Security Team
AI-driven development is not something organizations can or should block. But it must be governed.
Researcher finds Bright Data iOS SDK turns smart TVs into web-scraping nodes
Bright Data, formerly Luminati, operates a large residential proxy network, with a portion sourced from an SDK embedded in free applications.
North Korean Hackers Use Fake Coding Tasks to Steal Crypto
North Korean actor UNK_DeadDrop targeted developers with fake coding tasks to steal crypto
AI agents discover numerous vulnerabilities in FFmpeg and Chrome
The security startup depthfirst utilized an autonomous AI agent to scan FFmpeg's extensive codebase, uncovering 21 previously unknown vulnerabilities, some o...
Guardrails for agents: How to secure AI at runtime
Here's how identity security is becoming the enforcement layer for agentic AI.
Russia upgrades rules for its digital spy system to better track citizens online
New regulations published by Russia's Ministry of Digital Development at the end of May updated the technical standards governing SORM, formally known as the...
Reducing security operations complexity with Wazuh Cloud
Security teams are increasingly overwhelmed by alert fatigue, infrastructure maintenance, and complex hybrid environments. This article explores how Wazuh Cl...
OpenAI Unveils ChatGPT Account Security Controls
OpenAI brings Lockdown Mode and Active Sessions to ChatGPT to curb prompt injection data theft
New Relic expands observability into AI-assisted software development
New Relic has announced AI Coding Observability, an open-source tool for monitoring AI-assisted software development workflows. As organizations adopt AI cod...
OpenAI rolls out lockdown mode for ChatGPT to combat prompt injection attacks
Lockdown Mode is an optional security setting designed for users handling sensitive data, including those on Free, Go, Plus, Pro, and ChatGPT Business plans.
Former IBM executive sues, alleging cover-up of foreign government hacks
The lawsuit was filed by William Barlow, IBM's former vice president of threat intelligence.
Toshiba and Muji warn of fake login screens from polyfill.io
Tech giants Toshiba and Muji have alerted visitors to their websites about suspicious sign-in screens that could potentially harvest user credentials.
Turning Cloudflare’s threat indicators into real-time WAF rules
Cloudflare customers can now use Cloudforce One threat intelligence directly within the WAF to block high-risk traffic. By using new cf.
Cybersecurity M&A Roundup: 26 Deals Announced in May 2026
Significant cybersecurity M&A deals announced by Akamai, Check Point, Cisco, Cyera, Dragos, WatchGuard and Zscaler. The post Cybersecurity M&A Roundup: 26 De...