Securing and Governing AI Agents At Scale Through A Unified AI Gateway
Palo Alto Networks acquires Portkey, integrating its AI Gateway into Prisma AIRS. Get the unified control plane to securely govern and operationalize autonom...
Transportation
20 articles
Anthropic launches Claude Opus 4.8, prepares Mythos-class models for all customers
Anthropic has released Claude Opus 4.8 and outlined plans for broader access to its Mythos-class models, which the company expects to make available to all c...
Netskope extends data localization capabilities with NewEdge updates
Netskope has enhanced its NewEdge Network infrastructure, expanding data sovereignty capabilities to more regions than any other SASE cloud provider. The New...
Claroty targets cyber-physical system risks with AI-powered security agent
Claroty has launched Claroty Claire, a CPS-native AI security agent designed to help organizations defend mission-critical infrastructure. Claire is powered ...
Threat Actors Deploy Tiflux RMM for Persistent Remote Access
Threat actors are abusing legitimate RMM tools as a means of creating persistence inside victims’ systems, using the Tiflux RMM tool. Tiflux is a reputable B...
Typosquatted npm packages used to steal cloud and CI/CD secrets
The Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. This report details the attack ...
Why and how to migrate to a Transit Gateway-attached AWS Network Firewall
AWS Network Firewall now supports native attachment to AWS Transit Gateway. Customers commonly use Transit Gateway to route traffic from Amazon Virtual Priva...
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 18, 2026 to May 24, 2026)
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPres...
Geordie Raises $30 Million for AI Security and Governance Platform
The funding round was led by Balderton Capital, with additional support from Crosspoint Capital and previous investors General Catalyst and Ten Eleven Ventur...
CVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks
A critical FortiClient Endpoint Management Server (EMS) vulnerability patched in April has been exploited in fresh attacks to deploy information-stealing mal...
Cruise giant Carnival confirms data breach affecting nearly 6 million people
The company said the threat actor gained access to a limited portion of its IT environment last month after compromising an employee account. By the end of A...
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affect...
Zapier exploit chain shows how known anti-patterns compose into critical risk
A five-stage exploit chain disclosed by Token Security researchers turned a free Zapier account into write access on Zapier’s public developer SDK packages a...
Experts on Experts: Why Compliance is becoming Continuous
This week on Experts on Experts, I’m joined by Sergio Alonso – Rapid7’s Director of Trust, Risk, and Compliance – to talk about how compliance is changing an...
New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users"
State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still d...
ESET APT Activity Report Q4 2025–Q1 2026
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2025 and Q1 2026
Silent Ransom Impersonates IT Support to Target Law Firms
The Silent Ransom Group (SRG) is running a new wave of hands‑on social engineering attacks against law firms, posing as internal IT support to steal sensitiv...
Companies built AI into core systems before figuring out how to govern it
70% of organizations use GenAI in live environments, and 64% have AI agents in pilot or production deployments. Some of those agents have privileged access t...
FBI warns law firms of in-person data theft by Silent Ransom Group
SRG actors initiate attacks by posing as IT support staff, contacting victims via phone calls or phishing emails to solicit a remote desktop session.
UK Visa Portal exposes passport and selfie photos of applicants
An anonymous source alerted TechCrunch to a security lapse on the UK Visa Portal website, stating that at least 100,000 documents, including passports and se...