Filigran launches XTM One to automate CTEM with AI agents
Filigran has announced XTM One, an AI-native agentic layer that automates Continuous Threat Exposure Management (CTEM) workflows across the Filigran XTM Plat...
General
20 articles
New Platform Uses Cryptographic Invisibility to Protect AI-Built Applications
Atsign’s AI Architect applies cryptographic protections to agentic software development, aiming to prevent attackers from exploiting vulnerabilities by makin...
SAP Patches Critical NetWeaver, Commerce Vulnerabilities
The flaws could lead to the disclosure of sensitive information, memory corruption, and disruption of normal system usage. The post SAP Patches Critical NetW...
Suspected North Korean actors use fake ‘coding assignments’ to steal crypto
Targets are encouraged to clone Git repositories to their VS Code or Cursor code editors.
Siemens KACO Blueplanet Inverters
View CSAF Summary KACO blueplanet Inverters contain multiple vulnerabilities that could allow an attacker to derive the credentials from the devices serial n...
The Hidden Security Risk in Modern Networks: The Work Between Tools
Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and autom...
Ghost-Sender Flaw Exposes Exchange Online Users to Sender Spoofing Attacks
A newly disclosed “Ghost-Sender” flaw is exposing Microsoft Exchange Online environments to large-scale email spoofing attacks, allowing threat actors to byp...
Handala Claims Israeli Radar Hack, But Evidence Shows Phone Admin Panel
An Iranian-linked hacker group called Handala claimed to have hit Israeli military targets with massive cyberattacks on Sunday,…
Microsoft Entra Agent ID Logs Expose Suspicious Assistive Agent Activity
Microsoft Entra Agent ID logs have exposed a subtle but consequential threat vector: assistive agents using the OAuth On-Behalf-Of (OBO) flow to act with del...
Apple expands what parents can block, approve, and limit
Apple has previewed a set of new child safety features coming to iPhone, iPad, and the Mac later this year, expanding parental controls with tools that help ...
New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing
A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called F...
Mythos Preview can weaponize N-day vulnerabilities in hours
Mythos Preview can develop working exploits from newly disclosed software vulnerabilities in hours, cutting down a process that has historically taken days o...
Infosecurity Europe: Why JLR’s CISO Enforced In-Person Password Resets Following Cyber-Attack
Speaking at Infosecurity Europe, Ashish Shrestha, former CISO at Jaguar Land Rover revealed why he wanted over 30,000 employees to change their passwords in ...
Scanner Results Are a Starting Point. Here's What Comes Next. - Federico Kirschbaum - ASW #386
Zero Trust: Beyond the hype, toward reality
Security is approaching Zero Trust all wrong. Vendors are promising too much and delivering too little.
Cybercriminals: the 'auditors' you never hired
Every organisation gets audited. The question is who does the auditing.
Top 10 Best Zero Trust Network Access (ZTNA) Solutions 2026
In 2026, the traditional network perimeter is obsolete. With the widespread adoption of remote and hybrid work models, multi-cloud environments, and a prolif...
Treating AI agents like service accounts for federated query security
In this interview with Help Net Security, Paras Malhotra, CISO at Starburst, explains how the company handles data governance across federated query environm...
CrowdStrike 2026 Technology Threat Landscape Report: China’s Ambitions Fuel Attacks
The security questions around Chinese AI coding models in U.S. software
Software developers across the United States are using AI models built in China to write, debug, and review code, drawn by prices below those of American alt...