AI can accelerate microsegmentation, but it cannot govern policy
Here’s the case for looking at policy governance as its own discipline.
SC Media
20 articles
Recovery is the new cyber deterrence
Why resilience and quick recovery can deter potential attacks.
IBM executive floated for CISA director as concerns persist for agency
Cybersecurity leaders warn weakened CISA could hurt AI-era defense and threat response.
AI Has a data problem, cascading breaches, and the weekly news - Dimitri Sirota - ESW #459
TeamPCP releases ‘vibe coded’ Shai-Hulud source code, issues challenge
The variant was used in recent attacks against TanStack and others – but it’s not the original, researchers say.
10.0 Cisco Catalyst SD-WAN Controller bug added to CISA’s KEV list
Maximum-severity bug an authentication bypass flaw that’s considered the highest value target in an attacker’s playbook.
Microsoft warns of active exploitation of new Exchange Server zero-day vulnerability
The vulnerability, a cross-site scripting flaw with a CVSS score of 8.1, specifically impacts Outlook Web Access (OWA).
Hackers use PyInstaller to hide XWorm malware
The attack begins with deceptive emails or fake software updates containing a seemingly harmless file.
Researchers bypass Apple's M5 security with AI-powered macOS exploit
Researchers from Calif utilized Anthropic's Mythos Preview AI to chain two previously unknown bugs and several techniques, ultimately creating a functional e...
FTC begins enforcing Take It Down Act for nonconsensual deepfakes
The Take It Down Act mandates that online platforms remove nonconsensual intimate imagery and AI-generated "digital forgeries" within 48 hours of a victim's ...
U.S. officials discard items from China trip over security concerns
During a high-level meeting between U.S.
ESET details new Ghostwriter activity targeting Ukrainian government
The latest FrostyNeighbor campaign begins with a spear-phishing email containing a PDF attachment disguised as an official communication from Ukrtelecom, a m...
WordPress Funnel Builder vulnerability exploited to steal payment data
The vulnerability in the Funnel Builder plugin, used by over 40,000 websites, allows unauthenticated attackers to modify global settings via an unprotected c...
American Lending Center data breach impacts over 123,000 individuals
The breach involved a ransomware attack where threat actors compromised the internal network and accessed files containing personal identifying information.
Cisco, Canvas, Microsoft, Exchange 0-Days, NPM Backdoors, GPT-5.5 and more... - SWN #581
When compliance isn’t continuous, that’s a security risk
Companies need to treat compliance as a service that helps the business compete.
Permiso launches AI agent runtime security
The new capabilities extend Permiso’s unified identity platform to address the growing challenge of securing AI agents, which are increasingly making autonom...
Critical vulnerability in Burst Statistics plugin allows admin takeover
The flaw, identified as CVE-2026-8181, was introduced in version 3.4.
The blind spot in AI security: Resilience for model and training data
AI resilience, not speed alone, will decide which enterprises survive AI-era breaches.
New Linux privilege escalation flaw ‘Fragnesia’ disclosed; PoC available
Fragnesia is at least the fourth privilege escalation flaw affecting Linux systems disclosed in the last three weeks.