Verizon DBIR 2026: What the experts are saying
According to the 2026 Verizon Data Breach Investigations Report, the threat environment is transforming in terms of speed, scale, and interconnected risk. Fo...
Information Security Buzz
20 articles
Exploited Faster, Patched Slower: Verizon DBIR 2026 Shows Security Teams Losing Ground
The Verizon 2026 Data Breach Investigations Report (DBIR) reveals a threat environment moving much faster than many organizations can reasonably protect them...
How EM is Boosting the Career Trajectory of VM Analysts
As organizations shift from vulnerability management (VM) to exposure management (EM), the role of the VM analyst must evolve or become outmoded. This necess...
NCSC warns organisations not to rush into agentic AI
UK’s National Cyber Security Centre (NCSC) has advised businesses to proceed with caution when considering the implementation of agent-based AI, suggesting t...
7-Eleven Notifies Franchise Applicants After Breach Exposes Personal Data
A security breach notification process has been initiated by 7-Eleven as a result of a security incident where an outside party was able to gain access to th...
OpenAI rotates certificates after TanStack supply chain attack hits employee devices
OpenAI has confirmed that two employee devices were compromised in the recent TanStack npm supply chain attack, prompting the company to rotate code-signing ...
Microsoft discloses Exchange zero-day with no patch yet available
Microsoft has disclosed a zero-day vulnerability that affects Exchange Server 2016, 2019, and Subscription Edition. This vulnerability would give bad actors ...
Beyond deepfakes: Building identity resilience against AI impersonation
Generative AI is changing the economics of identity fraud. Voice cloning, real-time face animation, synthetic documents, and AI-assisted social engineering a...
Cyberattack on West Pharmaceutical halts manufacturing across multiple sites
West Pharmaceutical Services has disclosed a ransomware attack that disrupted manufacturing, shipping, and receiving operations across multiple global facili...
Tenable warns AI adoption is outpacing governance as cloud exposure risks surge
A new report from Tenable is warning that organizations are creating what it describes as a growing “AI exposure gap,” as enterprises race to deploy AI tools...
What to do when your AI’s guardrails fail
I want to talk about the Microsoft 365 Copilot bug. Not because it was exceptional, but because what it exposed should change how every organization architec...
Microsoft patches 138 vulnerabilities as AI-driven discovery accelerates
Microsoft is poised to set a new record for yearly patching by having released patches for over 130 vulnerabilities as part of its May Patch Tuesday release,...
Foxconn confirms cyberattack following Nitrogen ransomware claims
Foxconn has confirmed that several of its North American factories were hit by a cyberattack, after the Nitrogen ransomware group claimed to have stolen 8TB ...
The evolution of cyber risk: Addressing geopolitical threats
Ransomware, data breaches, phishing schemes—cyber attacks can take many forms. Traditionally, the motive of these attackers can often be traced back to some ...
Canvas cyberattack disrupts universities as ShinyHunters threatens massive data leak
An attack on the popular Instructure Canvas learning management system has caused major disruptions for schools and universities in the US, just as students ...
Zara Owner Inditex Confirms Customer Data Breach Affecting Nearly 200,000 People
Fashion retailer Inditex, the parent company of Zara, has confirmed unauthorized access to customer transaction databases hosted by a third-party provider. D...
Online Safety Act failing to deliver “step change” for children, report warns
A new report published by Internet Matters, reveals that the Online Safety Act (OSA) in the UK, although bringing visibility of online safety tools, does not...
Investigating the aftermath: understanding digital forensics after a cyber incident
Successfully recovering your business from a cyberattack often requires much more than just loading up backups. Although your first instinct is likely to pri...
“Recovery Is the New Prevention”: a Q&A with CSO of Health-ISAC, Errol Weiss
Errol Weiss spent fourteen years in banking and finance before joining Health-ISAC, where he serves as Chief Security Officer. His career has tracked a quiet...
Trelix admits breach on a ‘portion’ of its source code repository
Trellix has disclosed unauthorized access to a portion of its source code repository. However, it did not specify which portion of its source code was access...