GUEST OPINION: Technology businesses are no strangers to supply chain pressure. Whether you are procuring networking hardware, servers, semiconductors, or consumer electronics, the global supply chain disruptions of recent years have made one thing very clear: how you move goods is just as strategic as what you buy.
Category: AI
AI, Cybersecurity, Exploits, Global Security News
CISA orders feds to patch Windows flaw exploited as zero-day
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their Windows systems against a vulnerability exploited in zero-day attacks. […]
AI, Global Security News, privacy
Android reminders, reinvented
Sometimes, the hardest part about getting stuff done is simply remembering what you have to do — and when. And ironically, lots of the tools that exist to help us juggle our endless array of incoming tasks only seem to make it even more overwhelming. Truly, it doesn’t take much for the very act of…
AI, Global Security News
Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
cPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to obtain access to the control panel software. The problem affects all currently supported versions, according to an alert released by cPanel on Tuesday. The issue has been addressed in the following versions – 11.110.0.97 11.118.0.63…
AI, Global Security News
Cursor AI IDE vulnerability allows code execution via hidden Git hooks
Novee researchers find high-severity CVE-2026-26268 flaw in Cursor AI, allowing hackers to run malicious code when developers clone repositories.
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
AWS leans on prior ingenuity to face future AI and quantum threats
As Amazon celebrates the 20th anniversary of its AWS cloud this year, the world’s biggest cloud computing provider now faces two giant cybersecurity threats — AI and quantum. How the company will navigate these emerging issues to ensure the security and resilience of systems used by its millions of corporate customers remains an evolving question.…
AI, Global Security News, Risk Management
Top AI-Powered Vendor Risk Management Platforms for SaaS Companies in 2026
Top AI-powered vendor risk platforms for SaaS companies in 2026, compare tools, features, and how to choose the…
AI, Cybersecurity, Endpoint, Global Security News
Kaseya agentic IT management unifies data and automates ticketing, security and backups
Kaseya has introduced an agentic IT management platform powered by Kaseya Intelligence, combining unified data across IT operations, cybersecurity, and resilience with an execution layer that autonomously triages tickets, contains threats, verifies backups, and optimizes workflows. This is the core architectural difference. Every major vendor has added AI, but when it runs on partial data…
AI, Global Security News
DigitalOcean AI-Native Cloud unifies infrastructure, inference, and agents for production AI
DigitalOcean has introduced the AI-Native Cloud, an end-to-end platform built for the inference and agentic era. Spanning infrastructure, core cloud, inference, data, and managed agents, it already supports production workloads at Higgsfield AI, Hippocratic AI, ISMG, Bright Data, and LawVo. AI-native builders are caught between imperfect options: hyperscalers built for the enterprise cloud era, with…
AI, Compliance, Global Security News
amazee.ai’s amazeeClaw simplifies production deployment of AI agents with regional control
amazee.ai has announced the launch of amazeeClaw, a managed OpenClaw hosting platform that enables developers and enterprises to deploy production-ready AI agents with data sovereignty and regional control without having to set up their own infrastructure. As adoption of AI agents and agentic automation accelerates, organizations are discovering that moving from prototype to production is…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2024-1708 (CVSS score of 8.4) ConnectWise ScreenConnect Path Traversal…
AI, Apps, Compliance, Cybersecurity, Endpoint, Global Security News, malware, Network Security, Risk Management
Margin vs. Madness: Fixing MSSP Top 5 Operational Nightmares
Leading a managed security services provider has never been a comfortable job. And it isn’t now, though the demand for MSSPs has never been higher. The global threat landscape is expanding faster than most enterprise security teams can keep pace with, and organizations across every sector are turning to managed providers to fill the gap. For MSSP leaders, this…
AI, Apps, Global Security News
Virtue AI PolicyGuard turns AI policies into enforceable runtime guardrails
Virtue AI has announced PolicyGuard, a system that enables enterprises to define, edit, and enforce custom AI runtime protection guardrails across models, agents, and applications. Most organizations have “AI acceptable use policies.” When they need to enforce those policies, however, the tooling is static, fragmented, and generic: built for no industry in particular and no…
AI, Data Breaches, Global Security News
ShinyHunters exploit Anodot incident to target Vimeo
The video platform Vimeo confirmed a security breach via Anodot that exposed metadata, video titles, and some user emails. Vimeo said some user data was accessed after a breach at Anodot. Anodot is a company that provides AI-driven data analytics and anomaly detection tools. Most of the exposed information includes technical data, video titles, and…
AI, Global Security News, Network Security
Eino’s agentic network observability platform enables real-time, AI-driven network insights
Eino has introduced a new class of solution for enterprises known as agentic network observability. Designed for enterprises with multiple network technologies and mission-critical use cases, Eino’s agentic solution uses a 3D digital twin approach of the physical environment to deliver real-time insights for almost any wireless networking technology, deployed together or separately. This enables…
AI, Global Security News
Who’s the better CEO, Apple’s Tim Cook or Microsoft’s Satya Nadella?
Tim Cook’s impending retirement as Apple’s CEO marks the end of an era — the years when the Apple-versus-Microsoft fight dominated the tech world. Of course, it’s been a long time since those two companies ruled by themselves. These days, Google, Meta, OpenAI, Anthropic and Amazon are just as influential. Still, Cook’s decision to step…
AI, Global Security News
Fedora Linux 44 ships with GNOME 50 and KDE Plasma 6.6
The Fedora Project released Fedora Linux 44, delivering updated desktop environments, revised installer behavior, and several lower-level system changes across its editions and spins. The release covers the project’s flagship editions, including Workstation, KDE Plasma Desktop, Cloud, Server, CoreOS, and IoT, alongside the Atomic Desktops lineup of Silverblue, Kinoite, Cosmic, Budgie, and Sway. Alternate spins…
AI, Exploits, Global Security News
LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI’s LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge. The vulnerability, tracked as CVE-2026-42208 (CVSS score: 9.3), is an SQL injection that could…
AI, Global Security News
AI prompt confidentiality and false citations worry researchers
Academic researchers using commercial AI tools for literature review and idea generation are sending unpublished research questions, draft hypotheses, and proprietary domain knowledge into systems whose data handling they do not understand. A think-aloud study of 15 researchers documents the workarounds these users have built to manage what they see as unresolved confidentiality and output…
AI, Global Security News, Risk Management
Identity discovery: The overlooked lever in strategic risk reduction
If you ask a CISO what keeps them up at night, the answer usually isn’t “lack of tools.” It’s uncertainty. Uncertainty about what they don’t see. Uncertainty about how far an attacker could move once inside. Uncertainty about whether identity programs are actually reducing risk, or just managing symptoms. Identity discovery sits at the center…
AI, Global Security News
Product showcase: SimpleX Chat removes user identifiers from messaging
SimpleX Chat is a free, private, open-source messenger that uses encryption and does not require user identifiers. It is available on mobile and desktop platforms, including iOS, Android, Windows, macOS, and Linux. After downloading the app, the user creates a profile by entering a display name. The profile is stored locally on the device. After…
AI, Apps, Global Security News
AWS unveils trio of key AI strategy announcements
AWS on Tuesday announced an expansion of its partnership with OpenAI and launched a major new agentic AI push with the introduction of a new desktop app for Amazon Quick, a personal AI assistant, and an expansion of Amazon Connect from a single product into four distinct offerings. News of the enhanced partnership comes 24…
AI, Apps, Global Security News, Network Security, Risk Management
SAS makes AI governance the centerpiece of its agent strategy
Enterprises are quickly moving from AI experimentation to deployment, however, when agentic AI begins making more decisions, invoking more tools, and operating across fragmented data environments, there can be an erosion of visibility, governance, and trust. SAS laid out its answer to that problem at its annual conference, SAS Innovate, introducing a new family of…
AI, Apps, Global Security News, malware, Risk Management, Russia
More fake extensions linked to GlassWorm found in Open VSX code marketplace
The threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has uploaded 73 more impersonated links, as its attempt to infect software supply chains continues. Philipp Burckhardt, head of threat intelligence at Socket, which revealed the latest activity, called it a “significant escalation” in the gang’s activity, after…
AI, Funding, Global Security News
Ex-Twitter CEO’s AI Startup Raises Funds at $2 Billion Valuation
Parallel Web Systems raised $100 million in Series B funding to continue building web search for AI agents.
AI, Exploits, Global Security News
Kuse Web App Abused to Host Phishing Document
Bad actors took advantage of the legitimate name and services of Kuse, a popular AI-based app designed for workplaces. The attackers exploited the users’ trust in Kuse to carry out a phishing attack.
AI, Global Security News
FIDO Alliance wants to keep AI agents from going rogue on online payments
AI agents are beginning to shop, log in, and complete tasks with little direct input. That shift is pushing the security industry to rethink how trust works when actions are carried out on a user’s behalf. The FIDO Alliance has announced a set of initiatives to build shared standards for these interactions, covering how AI…
AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Data Security, Endpoint, Global Security News, malware, Network Security, privacy, Risk Management
7 Best Network Security Tools to Use in 2026
This guide is for IT professionals, security teams, and business leaders looking to strengthen network defenses in 2026. It covers the best network security tools to protect data and help reduce overall organizational risk. Network security tools incorporate hardware and software technologies, methods, and policies to preserve network integrity and prevent potential breaches. These tools…
AI, china, Global Security News, Russia
Spy agency officials say job loss anxiety, moving fast ‘safely’ among top challenges in AI workforce overhaul
Like many organizations, the National Geospatial Intelligence Agency is moving to integrate AI tools into their business operations. Jay Harless, director of human development at NGA, said the agency is trying to strike a balance: move fast enough to keep pace in what U.S. national security officials increasingly view as an AI arms race with…
AI, Global Security News, malware
BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures
The North Korean group is using stolen victim videos, AI-generated avatars, and fake Zoom calls to scale malware attacks against cryptocurrency executives.
AI, Global Security News
New DHL Phishing Scam Uses 11-Step Attack Chain to Steal Passwords
Forcepoint’s X-Labs reports an 11-step DHL phishing scam that uses fake OTP codes and EmailJS to harvest user credentials and device telemetry.
AI, Compliance, Cybersecurity, Global Security News, Government & Policy, Network Security, privacy
Best AI Deepfake and Scam Detection Tools for Security in 2026
This guide is for security professionals, IT teams, and anyone concerned about AI-driven fraud who wants to detect deepfakes and scams in 2026. It covers some of the best tools available to identify fake videos, audio, and synthetic content. You can fake a video. You can clone a voice. You can even generate a “live”…
AI, APAC, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security
6 Best Intrusion Detection & Prevention Systems in 2026
This guide is for IT leaders, security teams, and network administrators looking to strengthen threat detection and response in 2026. It covers the top intrusion detection and prevention systems (IDPS) and key features to consider when choosing the right solution. Network security is not just about keeping the bad guys out. It’s about having a…
AI, Exploits, Global Security News, Risk Management
CVE-2026-3854 GitHub flaw enables remote code execution
Critical GitHub flaw CVE-2026-3854 lets attackers run code with a single git push, exploiting a command injection bug. Researchers found a critical vulnerability in GitHub, tracked as CVE-2026-3854, that allows remote code execution through a simple git push. The vulnerability affects GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, GitHub Enterprise Cloud with Enterprise…
AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security
Federal CIO cautious on Anthropic’s Mythos despite planned rollout
Federal Chief Information Officer Greg Barbaccia said Tuesday the government is approaching Anthropic’s Mythos model with measured expectations, acknowledging both its potential to strengthen federal cyber defenses and the significant uncertainties that remain about how it would perform in real-world conditions. Barbaccia said his direct exposure to Mythos has been limited to evaluations and benchmarking…
AI, Cybersecurity, Global Security News
Struggling to Manage Multiple Screens – Here’s a Smarter Approach
Managing multiple screens across locations shouldn’t drain your team’s time and patience. Discover practical strategies to simplify multi-display management today. You walk into your office on Monday morning, coffee in hand, and three different people hit you with bad news. The lobby screen is frozen. The break room display is showing last month’s menu. The…
AI, Apps, Cloud Security, Exploits, Global Security News, Risk Management
What the March 2026 Threat Technique Catalog update means for your AWS environment
The AWS Customer Incident Response Team (AWS CIRT) regularly encounters patterns that repeat across their engagements when helping customers respond to security incidents. We’re passionate about making sure that information is widely accessible so that everyone can improve their security posture and their organization’s resilience to disruption. The primary method we use to share this…
AI, Cybersecurity, Global Security News
Can Apple’s new CEO turn things around?
When Apple rolled out hardware chief John Ternus as the CEO to replace Tim Cook, the reaction was kind but muted. That’s because Ternus has said nothing yet to indicate he has a specific plan to position Apple for the future. (To be fair, he’s said next to nothing about anything — no easily found…
AI, Global Security News, Network Security
Enterprises need to think beyond GPUs for agentic AI, analysts say
The ongoing shift from generative AI (genAI) to agentic AI provides an opportunity for enterprises to move to more nimble and less expensive forms of computing, according to analysts. Early AI models were largely built on expensive GPUs from Nvidia and AMD that offered raw processing power. But newer agentic AI tools, rooted in business…
AI, Cybersecurity, Global Security News
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to obtain remote code execution with a single “git push” command. The flaw, tracked as CVE-2026-3854 (CVSS score: 8.7), is a case of command injection that could allow an attacker with push access…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Government & Policy, Network Security, Risk Management
ClickUp Data Leak Exposes Enterprise Emails for Over a Year
A hardcoded API key embedded in ClickUp’s public website has quietly exposed hundreds of corporate and government email addresses for more than a year. The flaw, first reported in early 2025, remained active as of April 2026 — allowing anyone to access sensitive data with a simple request and no authentication. “I went to http://clickup[.]com,…
AI, Cloud Security, Compliance, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management, Venture
Infra + security: why more & more CISOs are starting to own infrastructure
Over the past year, I have started to see a growing trend that in more and more organizations, CISOs are taking ownership of infrastructure teams. Where CISOs aren’t directly taking over infrastructure teams, they are exerting more direct control over how infrastructure is designed and operated. Like many structural shifts in cybersecurity, this is developing…
AI, Cybersecurity, Global Security News, malware
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer called LofyStealer (aka GrabBot). “The malware disguises itself as a Minecraft hack called ‘Slinky,’” Brazil-based cybersecurity company ZenoX said in a technical report. “It uses the official game icon to…
AI, Compliance, Global Security News, Network Security
Fleet hopes to be the MDM provider for the AI Era
Fleet, the independent, open-source, multi-platform MDM service, recently announced its new partner program for VARs and MSPs serving enterprise customers and recruited MobileIron co-founder Suresh Batchu to serve on the company’s board. With those moves in mind, I caught up with company CEO Mike McNeil to find out more about the Fleet’s plans. Given the company’s…
AI, Global Security News
Pack2TheRoot: 12-Year-Old Linux PackageKit Flaw Enables Full Compromise
Security experts have found a high-severity flaw named Pack2TheRoot in PackageKit that allows hackers to gain full root access on multiple Linux distributions.
AI, Global Security News
Trial Begins Between Elon Musk and Sam Altman for the Future of OpenAI
Opening statements have begun in a trial offering differing views of Musk’s early financial support of OpenAInand its conversion to a for-profit company.
AI, Apps, Compliance, Global Security News, Network Security
Access control with IAM Identity Center session tags
As organizations expand their Amazon Web Services (AWS) footprint, managing secure, scalable, and cost-efficient access across multiple accounts becomes increasingly important. AWS IAM Identity Center offers a centralized, unified solution for managing workforce access to AWS accounts. It simplifies authentication, enhances security, and provides a seamless user sign-in experience to AWS services across diverse environments.…
AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, Risk Management
Rep. Delia Ramirez takes over as top House cybersecurity Dem
Illinois Rep. Delia Ramirez is taking over as the top Democrat on the House Homeland Security panel’s cybersecurity subcommittee, replacing former Rep. Eric Swalwell after his resignation. Committee Democrats approved the change Tuesday at a meeting prior to a “shadow hearing” without the GOP majority, focused on protecting elections from Trump administration interference. Ramirez first…
AI, Global Security News
Google Clears Pentagon to Use AI Tools in Classified Settings
Tech giant added language to contract to say its AI wasn’t intended for domestic mass surveillance or fully autonomous weapons.
AI, Data Breaches, Global Security News
ShinyHunters claims it stole 1.4 million records from Udemy
The ShinyHunters group claims it has breached the Udemy, one of the world’s largest online learning platforms. According to Have I Been Pwned, the leaked dataset contained 1.4 million unique email addresses of customers and instructors, along with names, physical addresses, phone numbers, employer information, and instructor payout methods, including PayPal, cheque, and bank transfer.…
AI, Data Breaches, Global Security News
Medtronic Confirms Data Breach After ShinyHunters Claims
Medtronic confirms IT breach as ShinyHunters claims millions of records accesseda
AI, Global Security News
The best way for small business owners to produce marketing videos on a tight budget
GUEST OPINION: Running a small business means wearing every hat, including the one labelled “marketing director.” Video content drives engagement across nearly every platform, but hiring videographers, animators, and editors quickly drains operating budgets. Many entrepreneurs end up posting infrequently or skipping video entirely, missing massive opportunities for customer connection.
AI, Global Security News, malware
Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain
Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating malware.
AI, Global Security News, Risk Management
GIGABYTE Launches MO27Q28GR OLED Gaming Monitor in Australia, the Only Brand Offering Both Glossy and Matte 4th Gen WOLED Options
GIGABYTE, the world’s leading computer brand, announces today the MO27Q28GR, a 27-inch QHD gaming monitor featuring a glossy OLED panel, is now available in Australia. Building on the success of the MO27Q28G, this new variant expands the lineup to offer greater flexibility for gamers and creators. With both glossy and matte options available, GIGABYTE becomes…
AI, Global Security News
GIGABYTE Launches MO27Q28GR OLED Gaming Monitor in Australia, the Only Brand Offering Both Glossy and Matte 4th Gen WOLED Options
GIGABYTE Launches MO27Q28GR OLED Gaming Monitor in Australia, the Only Brand Offering Both Glossy and Matte 4th Gen WOLED Options. Entertainment & Gaming…
AI, Data Breaches, Global Security News, Risk Management
Fusion Signage achieves ISO 27001 certification and hits 20,000 user licence milestone
In what is turning out to be a month of major achievements Fusion Signage, often referred to as Australia’s user-friendliest digital signage software, has officially achieved ISO 27001 certification and hit their 20,000 user licence milestone all in the same week. Fusion Signage MD James Ingram ISO 27001 is the leading international standard for information security…
AI, Global Security News
UiPath advances AI-driven enterprise operations with Databricks and expands partnership with Deloitte
UiPath (NYSE: PATH), a leader in agentic business orchestration, has announced that it is a validated technology partner of Databricks, the Data and AI company. This partnership introduces tailored integrations designed to bring intelligence, automation, and AI together to power the next generation of intelligent business operations.
AI, Cybersecurity, Endpoint, Global Security News, malware, Network Security, Risk Management, Venture
Guardz Warns MSPs of Cloud Ransomware and BEC Risks
Today, cybersecurity firm Guardz released its 2026 State of MSP Threat Report, a deep dive into how Artificial Intelligence and identity-first attacks have completely flipped the script for MSPs and the small businesses they protect. The report reveals that AI has officially killed the obvious phishing email. Gone are the days of spotting a scam…
AI, Global Security News
LogicMonitor defines the autonomous IT era with AI that sees, reasons, and acts
COMPANY NEWS: Unified platform delivers complete visibility, contextual AI, and governed action across the digital environment.
AI, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Russia
Signal Phishing Campaign Targets German Officials in Suspected Russian Operation
Suspected Russian phishing via Signal targeted German officials, exploiting trust to access accounts and sensitive political communications. A new wave of cyber operations targeting European political leadership is once again highlighting how modern espionage increasingly relies on deception rather than technical exploits. Recent investigations by German authorities point to a large-scale phishing campaign conducted via…
AI, Global Security News
7 Candy AI Alternatives Compared: Better Chatbot Companions and Pricing
Candy AI rocketed to roughly 35 million monthly visits in 2025, proving there’s real appetite for an anything-goes AI girlfriend experience. Yet many users feel the sugar-high crash: conversations flatten after a dozen lines, memory resets around the 15-message mark, and add-on charges for photos or voice push real costs far beyond the $13.99 base…
AI, Global Security News, Risk Management
Ping Identity Warns of Emerging Authorisation Risks as AI Agents Scale Across Enterprises
COMPANY NEWS: New KuppingerCole Analysts research, commissioned by Ping Identity, defines how enterprises can govern AI agents at runtime to close emerging authorization gaps
AI, Exploits, Global Security News
Sevii unveils Cyber Swarm Defense Mode to stop AI-driven attacks at scale
Sevii has unveiled a new capability designed to stop high-volume, AI-powered cyberattacks at machine speed and scale, without the burden of unpredictable AI token costs. Sevii’s Cyber Swarm Defense Mode (CSD) addresses a critical gap created by AI, namely the inability to sustain cyber performance and cost efficiency during large-scale, AI-driven attack swarms. As technologies…
AI, china, Data Breaches, Global Security News, Network Security
Alleged Chinese hacker extradited to US over cyberattacks targeting COVID-19 research
Chinese national Xu Zewei was extradited from Italy to the United States to face charges tied to an alleged cyber espionage campaign that breached thousands of computers worldwide. Xu is charged alongside Zhang Yu, who remains at large. According to court documents, officers of China’s Ministry of State Security (MSS), including its Shanghai State Security…
AI, Compliance, Global Security News
GitLab Deepens Integration with Anthropic’s Claude Models to Accelerate Secure Software Development
COMPANY NEWS: AI agents in GitLab Duo Agent Platform can now call Anthropic’s newest Claude models, with every action governed by GitLab’s existing compliance, audit, and policy framework; no separate governance layer required. Enterprises can access Claude models, including the newly released Claude Opus 4.7, through GitLab via Google Cloud and AWS Bedrock to route…
AI, Global Security News
Intel and FPT Collaborate to Advance AI-Driven Autonomous Factories with Digital Manufacturing Platforms
The collaboration brings together Intel’s advanced factory simulation and AI optimisation technologies with FPT’s digital manufacturing platforms to improve throughput, reduce bottlenecks, and accelerate the transition toward autonomous factory operations.
AI, Apps, Global Security News
Cequence Agent Personas bring granular control and governance to enterprise AI agents
Cequence Security has announced the general availability of Agent Personas in Cequence AI Gateway. These capabilities give enterprises granular, infrastructure-level control over what AI agents can do, down to individual tool calls, closing a critical privilege gap that identity alone cannot address. As organizations deploy AI agents to connect to enterprise applications via the Model…
AI, Cybersecurity, Global Security News, Risk Management
Shadow AI is Creating New Security Blind Spots for Australian Organisations
GUEST OPINION: Employees are increasingly using artificial intelligence (AI) tools at work, often without formal approval or oversight. A Gartner survey of cybersecurity leaders revealed that 69% of organisations suspect or have evidence that employees are using prohibited public GenAI. This ‘shadow AI’ is emerging as a new source of risk for Australian organisations, as sensitive…
AI, Apps, Global Security News
HTTP Requests with X-Vercel-Set-Bypass-Cookie Header, (Tue, Apr 28th)
This weekend, we saw a few requests to our honeypot that included an “X-Vercel-Set-Bypass-Cookie” header. A sample request: GET / HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/ *;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Cache-Control: no-cache Pragma: no-cache Connection: keep-alive X-Vercel-Set-Bypass-Cookie: samesite-none-secure Upgrade-Insecure-Requests: 1 X-Forwarded-From: 21.235.92.139 X-Real-Iphone: 21.235.92.139 Referer: [redacted, same…
AI, Global Security News, Network Security
Manhattan Associates and Genuine Parts Company Go Live with Next-Generation Warehouse Management System in Brisbane
Manhattan Associates Inc. (NASDAQ: MANH) and Genuine Parts Company (GPC) have announced the successful go-live of Manhattan Active® Warehouse Management at GPC’s Brisbane distribution centre. The go-live represents the culmination of a large-scale program to modernise GPC’s DC operations, replacing different legacy systems and manual processes with a unified, cloud-native platform designed to improve visibility,…
AI, Global Security News, Risk Management
NowSecure MARI gives enterprises evidence-based visibility into third-party mobile app risk
NowSecure has announced Mobile App Risk Intelligence (MARI), new capabilities that give enterprises evidence-based visibility into third-party mobile apps, as hidden AI features, opaque code, and unseen data flows create a growing governance gap. Employees are adopting mobile apps faster than security teams can evaluate them, and many of those apps now include AI components,…
AI, Global Security News
Microsoft to deprecate legacy TLS in Exchange Online starting July
Microsoft says it will start blocking legacy TLS connections for POP and IMAP email clients in Exchange Online starting in July 2026. […]
AI, Exploits, Global Security News
Critical Cursor bug could turn routine Git into RCE
Security researchers have disclosed a high-severity vulnerability affecting the Cursor IDE, allowing arbitrary code execution on a developer’s machine through a seemingly routine repository interaction. According to findings by AI pentesting platform Novee Security, once a developer cloned and interacted with a malicious repository, the IDE’s AI agent could trigger embedded Git logic, resulting in…
AI, Global Security News, Risk Management
The metrics killing your SOC, and what to use instead
Security operations centres risk being rendered entirely ineffective if organizations measure them using the wrong performance indicators, according to Dave Chismon, CTO for Architecture at UK’s National Cyber Security Centre. Ticket-based metrics miss the point Evaluating ones’ SOC using the same ticket-based metrics applied to IT service desks can actively work against its core purpose:…
AI, Global Security News, privacy
US state privacy fines reached $3.425 billion in 2025
State privacy regulators across the United States collected $3.425 billion in privacy-related fines from companies in 2025. Gartner said the upward trend is expected to accelerate through 2028. Annual cumulative fines stood at $1.827 billion in 2024, putting the 2025 result at nearly double the previous year’s level. Gartner derived the estimate by compiling and…
AI, Compliance, Cybersecurity, Endpoint, Europe, Global Security News, Government & Policy, malware, privacy, Risk Management
Phishing-to-RMM Attacks: The Remote Access Blind Spot CISOs Can’t Ignore
CISOs are under pressure to prove that their security programs can detect threats early, reduce business risk, and support fast, confident response. But that becomes harder when attackers stop relying on obviously malicious tools. In recent phishing-to-RMM campaigns observed by ANY.RUN analysts, threat actors are using fake Microsoft, Adobe, and OneDrive pages to deliver legitimate…
AI, Global Security News, Network Security
AI-Ready, Simpler, and More Secure WAN: Cisco SD-WAN Innovations
Explore what’s new in Cisco Catalyst SD-WAN 26.1.1, simplifying SASE adoption, enabling AI-ready networking, and streamlining operations.
AI, Compliance, Global Security News
LogicMonitor Adds AI-Driven Remediation to IT Platform
LogicMonitor is moving past the era of simple alerts. The tech company announced a massive expansion to its unified platform today, aiming to solve the “noise” problem that has plagued IT departments for years. By combining visibility, AI reasoning, and automated action, the company is pitching a new operating model where the system doesn’t just…
AI, Global Security News, Risk Management
The most dangerous AI problem isn’t risk, it’s resistance – so SAS VP Reggie Townsend wants to make governance irresistible
SAS VP of AI ethics, governance, and social impact Reggie Townsend took to the stage at SAS Innovate 2026 today, but he didn’t start by speaking about technology. He started with culture. He put to the audience why governance exists, despite that many today see it as friction. That’s a problem he determined himself to…
AI, Global Security News, Risk Management
Xiaomi releases MIT‑licensed MiMo models for long‑running AI agents
Xiaomi has released and open-sourced MiMo-V2.5 and MiMo-V2.5-Pro under the MIT License, giving developers another potentially lower-cost option for building AI agents that can run longer tasks such as coding and workflow automation. Both models support a 1-million-token context window, the company said. MiMo-V2.5-Pro is designed for complex agent and coding tasks, while MiMo-V2.5 is…
AI, Exploits, Global Security News, Risk Management
Microsoft fixes Entra ID flaw enabling privilege escalation
Microsoft fixed a Microsoft Entra ID flaw where the Agent ID Administrator role could enable privilege escalation and account takeover. Microsoft addressed a flaw in Microsoft Entra ID that could let attackers take over service accounts. The issue involved the Agent ID Administrator role, which manages AI agent identities and access, and could be abused…
AI, Cybersecurity, Exploits, Global Security News
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face’s open-source robotics platform with nearly 24,000 GitHub stars, that could be exploited to achieve remote code execution. The vulnerability in question is CVE-2026-25874 (CVSS score: 9.3), which has been described as a case of untrusted data deserialization stemming from the use…
AI, Apps, Compliance, Endpoint, Exploits, Global Security News, Risk Management
6 Lessons Security Leaders Must Learn About AI and APIs
Most organizations treating AI security as a model problem are defending the wrong layer. Security teams filter prompts, patch jailbreaks, and tune model behavior, which is all necessary work, while the actual attack surface sits largely unexamined underneath. That surface is the API layer: the endpoints AI systems use to retrieve data, call tools, and…
AI, Exploits, Global Security News
After Mythos: New Playbooks For a Zero-Window Era
When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI, you know the exploit window, the short buffer that organizations relied on to patch and protect after a vulnerability disclosure, is closing fast. Anthropic’s new model, Claude Mythos, and its Project Glasswing, showed that finding…
AI, Apps, Compliance, Data Breaches, Global Security News, Network Security, privacy, Risk Management
Securing RAG pipelines in enterprise SaaS
In the enterprise SaaS space, AI agents are becoming an integral part of the SaaS product. To make these intelligent agents truly useful, they need contextual, customer-specific knowledge, something standard Large Language Models (LLMs), open source or otherwise, inherently lack since they are not trained on customer proprietary data. Retrieval-Augmented Generation (RAG) is the bridge…
AI, Global Security News
Chip Startup Aims to Shatter AI’s Dreaded Memory Wall
Huge AI models are overwhelming servers and leaving high-powered chips idle. Google and Meta veterans say they have the solution.
AI, Cybersecurity, Exploits, Global Security News
GUEST ESSAY: How augmented reality (AR) can turn building images into ad space with no control
Every major building in America has three things: a physical address, a legal owner, and an unmonitored attack surface. Related: Sam Altman’s quest to usurp the browswer That surface extends from the ground up through every floor, every facade, and into the airspace above — invisible, commercially exploited, and almost entirely ungoverned. It is the…
AI, Global Security News, Government & Policy, malware, Network Security
New Android spyware Morpheus linked to Italian surveillance firm
Osservatorio Nessuno uncovered Morpheus spyware spreading via fake Android apps to steal data, highlighting rising covert surveillance tools. The non-partisan, non-religious, nonprofit organization Osservatorio Nessuno exposed a new spyware called Morpheus, distributed through fake Android apps posing as updates. Once installed, it can steal extensive data from the infected devices. The report shows strong demand…
AI, Cybersecurity, Global Security News, Risk Management
What CISOs need to get right as identity enters the agentic era
Identity has always been central to security, but the proliferation of AI agents is rapidly changing the challenge of managing and securing identity, spurring CISOs to rethink their identity strategies — even how it is defined. “Identity is now both a control surface and an attack surface. We’ve had non-human identities as API keys, tokens,…
AI, Apps, Compliance, Global Security News, Network Security, Risk Management
Stopping AiTM attacks: The defenses that actually work after authentication succeeds
The security industry has spent years building better authentication. Longer passwords, second factors, hardware tokens. And attackers responded by moving past authentication entirely. Adversary-in-the-middle (AiTM) phishing does not steal credentials and replay them. It sits between the user and the legitimate service, watches a real authentication succeed in real time, and walks away with the…
AI, Global Security News
Microsoft asks iPhone users to reauthenticate after Outlook outage
After addressing a widespread outage that affected Outlook.com users worldwide on Monday, Microsoft has asked iPhone users to re-enter their credentials to regain access to their Outlook and Hotmail accounts via the default Mail app. […]
AI, Global Security News
No Metrics Are Better Than Bad Metrics in the SOC, Says NCSC
The National Cyber Security Centre has warned against measuring SOCs with ticket-based metrics
AI, Global Security News
North Korean Hackers Target Crypto Firms with ClickFix and AI-Made Zoom Lures
Arctic Wolf attributed this large-scale spear-phishing campaign to BlueNoroff, a financially motivated subgroup of the Lazarus Group
AI, Global Security News, Government & Policy
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy. Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber attacks against American organizations and government agencies between…
AI, APAC, Europe, Global Security News, privacy
U.S. companies hit with record fines for privacy in 2025
U.S. states issued $3.45 billion in privacy-related fines to companies in 2025, a total larger than the last five years combined, according to research and advisory firm Gartner. The increase is partly driven in part by stronger, more established privacy laws in states like California, new interstate partnerships built around enforcing laws across state lines,…
AI, Apps, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
NCSC launches SilentGlass, a plug-in device to secure HDMI and DisplayPort links
NCSC’s SilentGlass blocks malicious HDMI/DisplayPort links, protecting monitors from hardware attacks. Now commercialized for global use. The UK’s National Cyber Security Centre (NCSC) has launched SilentGlass, a new device to protect one of the most overlooked parts of modern IT systems: the physical links between screens and computers. It is a small plug-in security device…
AI, Global Security News
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity takeover attacks, according to new findings from Silverfort. Agent ID Administrator is a privileged built-in role introduced by Microsoft as part of its agent identity platform to handle all aspects of an AI agent’s identity lifecycle…
AI, APAC, Data Breaches, Global Security News, privacy
Weekly Update 501
This is so “peak 2026” – writing an equality policy to ensure people treat our AI bot with the same respect as they do their human counterparts. It’s intentionally a bit tongue-in-cheek, but it’s there for a purpose: we simply don’t have the capacity to deal with every request we get, and we need Bruce…
AI, china, Global Security News
Meta Is Preparing to Have to Undo Its Manus Acquisition After China Ban
The ban sends a message that China is intent on keeping its AI knowledge within the country.
AI, Apps, Compliance, Global Security News
Microsoft, OpenAI change contract terms–again
Microsoft and OpenAI on Monday again revised their agreement, softening their exclusivity and revenue-sharing conditions in the process. These changes underscore how critical it is for enterprises to work with as many AI vendors as practical, given the leapfrogging performance stats as well as the constantly shifting alliances. Both OpenAI and Microsoft issued their own…