Tenable warns AI adoption is outpacing governance as cloud exposure risks surge
A new report from Tenable is warning that organizations are creating what it describes as a growing “AI exposure gap,” as enterprises race to deploy AI tools...
Information Security Buzz
18 articles
What to do when your AI’s guardrails fail
I want to talk about the Microsoft 365 Copilot bug. Not because it was exceptional, but because what it exposed should change how every organization architec...
Microsoft patches 138 vulnerabilities as AI-driven discovery accelerates
Microsoft is poised to set a new record for yearly patching by having released patches for over 130 vulnerabilities as part of its May Patch Tuesday release,...
Foxconn confirms cyberattack following Nitrogen ransomware claims
Foxconn has confirmed that several of its North American factories were hit by a cyberattack, after the Nitrogen ransomware group claimed to have stolen 8TB ...
The evolution of cyber risk: Addressing geopolitical threats
Ransomware, data breaches, phishing schemes—cyber attacks can take many forms. Traditionally, the motive of these attackers can often be traced back to some ...
Canvas cyberattack disrupts universities as ShinyHunters threatens massive data leak
An attack on the popular Instructure Canvas learning management system has caused major disruptions for schools and universities in the US, just as students ...
Zara Owner Inditex Confirms Customer Data Breach Affecting Nearly 200,000 People
Fashion retailer Inditex, the parent company of Zara, has confirmed unauthorized access to customer transaction databases hosted by a third-party provider. D...
Online Safety Act failing to deliver “step change” for children, report warns
A new report published by Internet Matters, reveals that the Online Safety Act (OSA) in the UK, although bringing visibility of online safety tools, does not...
Investigating the aftermath: understanding digital forensics after a cyber incident
Successfully recovering your business from a cyberattack often requires much more than just loading up backups. Although your first instinct is likely to pri...
“Recovery Is the New Prevention”: a Q&A with CSO of Health-ISAC, Errol Weiss
Errol Weiss spent fourteen years in banking and finance before joining Health-ISAC, where he serves as Chief Security Officer. His career has tracked a quiet...
Trelix admits breach on a ‘portion’ of its source code repository
Trellix has disclosed unauthorized access to a portion of its source code repository. However, it did not specify which portion of its source code was access...
Security’s Blind Spot: The Threats Hiding in “Low-Severity” Alerts
Security operations centers (SOCs) operate under a difficult reality where there are far more security alerts than human analysts available to investigate th...
Microsoft Edge Found Holding Saved Credentials in Plaintext Memory
Security researcher Tom Jøran Sønstebyseter Rønning, posting as @L1v1ng0ffTh3L4N, has revealed that Microsoft Edge decrypts every saved password at startup a...
US weighs slashing vulnerability patching deadlines as AI-driven threats accelerate
There are discussions in US cybersecurity circles to radically shorten the time given to government agencies to fix software vulnerabilities currently being ...
How Iranian Cyber Intrusions Unfold Inside Enterprise Networks
Iranian cyber operations have gone from being disruptive single events to ongoing campaigns against governments, infrastructure providers, technology compani...
Copy Fail lands in CISA KEV as actively exploited Linux flaw threatens widespread privilege escalation
The Cybersecurity and Infrastructure Security Agency (CISA) has added another Linux kernel vulnerability, CVE-2026-31431, also known as Copy Fail, to the Kno...
Visual data is the blind spot in enterprise security: that’s about to change
Most enterprise security teams can tell you exactly how their databases are encrypted. They know who has access to their CRM and can pull audit logs for ever...
The new rules of war have no rules
When the Iran conflict escalated the way it did, most businesses had no playbook for it. The disruption didn’t stay in the region.