Why Security in 2026 Requires Continuous Threat and Exposure Management (CTEM) at Scale
Let's be honest, the patching window just shrank to something no practitioner or organization can keep up with. Organizations now need to operate in an envir...
Transportation
20 articles
State-sponsored hackers likely behind zero-day attacks on Palo Alto firewalls
Palo Alto Networks believes the in-the-wild exploitation of a zero-day vulnerability (CVE-2026-0300) in its firewalls is likely the work of state-sponsored t...
Critical Palo Alto Networks software bug hits exposed firewalls
Palo Alto Networks is warning customers about a critical buffer overflow vulnerability affecting its PAN-OS user-ID authentication portal that is already bei...
Exploits and vulnerabilities in Q1 2026
This report provides statistical data on published vulnerabilities and exploits we researched during Q1 2026. It also includes summary data on the use of C2 ...
CallPhantom Android scam reached 7.3 million downloads on Google Play
Scams targeting Android users in India and across the Asia-Pacific region have grown around a long-standing curiosity gap: the desire to look up call records...
Legacy Security Tools Are Failing Data Protection, Capital One Software Report Finds
Traditional network security tools are undermining data protection, with Forrester and Capital One Software research warning AI adoption is impossible withou...
Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion
Dragos has published a report describing how threat actors used Claude AI in an attack on a water and drainage utility in Mexico. The post Claude AI Guided H...
Ten years later, has the GDPR fulfilled its purpose?
This year marks the 10th anniversary of the EU’s adoption of the General Data Protection Regulation, which became mandatory for all companies beginning on Ma...
Open-source MCP server monitoring for Python apps
Pythonic Model Context Protocol servers handle tool calls, session events, module imports, and subprocess activity. BlueRock has released MCP Python Hooks, a...
Multi-model AI is creating a routing headache for enterprises
Application teams are moving AI inference into production systems that support business operations. Enterprises are expanding traffic management, identity co...
Trelix admits breach on a ‘portion’ of its source code repository
Trellix has disclosed unauthorized access to a portion of its source code repository. However, it did not specify which portion of its source code was access...
Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution
Unit 42 details CVE-2026-0300, a buffer overflow vulnerability in the PAN-OS User-ID Authentication Portal. Read now for details.
New compliance guide available: ISO/IEC 42001:2023 on AWS
We have released our latest compliance guide, ISO/IEC 42001:2023 on AWS, which provides practical guidance for organizations designing and operating an Artif...
Microsoft named an overall leader in KuppingerCole Analyst’s 2026 Emerging AI Security Operations Center (SOC) report
Microsoft is excited to be named an Overall Leader, and the Market Leader in the Kuppinger Cole Analyst’s 2026 Emerging AI Security Operations Center (SOC) r...
Palo Alto Networks warns of critical PAN-OS vulnerability exploited in the wild
The vulnerability, which has a CVSS score of 9.3 when the User-ID Authentication Portal is exposed to untrusted networks, enables unauthenticated attackers t...
DHS mobile device security falls short of standards, inspector general report finds
The Department of Homeland Security's inspector general report found that over three-quarters of the 650 mobile apps installed on devices within the intellig...
Critical Buffer Overflow in Palo Alto Networks PAN-OS User-ID Authentication Portal (CVE-2026-0300)
Overview On May 6, 2026, Palo Alto Networks published a security advisory for CVE-2026-0300, a critical unauthenticated buffer overflow vulnerability affecti...
Intel 471 speeds threat hunting and remediation with Retroactive Threat Detections
Intel 471 has announced Retroactive Threat Detections (RTD), a new capability within its Verity471 platform. RTD helps security teams quickly understand the ...
Proton Mail brings quantum-safe email encryption to all accounts
Post-quantum protection is now available as an optional feature in Proton Mail across all plans, including the free tier. How post-quantum protection works O...
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in ...