Next-generation enterprise defense: Managing risk in the age of agentic AI
The advent of agentic AI demands re-engineered AI-powered SASE architectures.
SC Media
20 articles
Discord implements end-to-end encryption for voice and video calls
The popular platform, which serves an estimated 690 million registered users, extended its open-source DAVE encryption protocol to cover all its clients, inc...
The AiTM problem nobody's architecture actually solves
Accountability becomes the big issue following a breach – does the team know who’s responsible for what?
FBI warns of surge in crypto ATM scam losses, exceeding $388 million
Cybercriminals are reportedly instructing victims to withdraw cash and deposit it into crypto kiosks, which then transfer the funds to attacker-controlled wa...
Max-severity vulnerability in ChromaDB allows unauthenticated remote code execution
The vulnerability affects the Python API server logic within the PyPI package, which sees nearly 14 million monthly downloads.
Drupal releases emergency security update amid exploit concerns
While the specific type of vulnerability has not been disclosed, the urgency of the advisory suggests a serious flaw with a potentially short window between ...
Huawei zero-day flaw reportedly caused Luxembourg telecom outage
The outage was triggered by specially crafted network traffic that exploited a previously unknown vulnerability in Huawei enterprise routers, forcing them in...
Storm-2949 actor targets Microsoft 365 and Azure environments
Storm-2949 initiates attacks by targeting users with privileged roles, such as IT personnel or senior leadership, using social engineering tactics to obtain ...
Microsoft to phase out SMS authentication for account recovery
Microsoft has announced it will begin phasing out SMS-based authentication and account recovery, citing it as a leading source of fraud.
Microsoft disrupts Fox Tempest malware-signing service
Fox Tempest operated a platform called signspace[.]cloud, which allowed threat actors to obtain short-lived Microsoft-issued certificates via Artifact Signing.
Microsoft addresses Windows Update failures in restricted environments
The failures occur in environments with strict network limitations, including air-gapped systems and heavily firewalled networks.
Major U.S. telecom companies form new cybersecurity information sharing group
The C2 ISAC, founded by AT&T, Charter, Comcast, Cox, Lumen, T-Mobile, Verizon, and Zayo, aims to foster more candid information exchange than previously ...
Poland directs officials to cease Signal use amid cyberattack concerns
The cyberattacks did not compromise Signal's encryption but instead relied on social engineering and account takeover tactics.
Darwinium updates mobile SDKs to detect in-session fraud and account farming
The updated SDKs are designed for banks, payment providers, and digital businesses facing sophisticated fraud that occurs after initial authentication.
Sola Security launches Lumina to reduce security alert noise
Lumina aims to solve the persistent problem of too many cybersecurity tools generating excessive noise, with the average enterprise using 83 tools.
Verizon DBIR 2026: Vulnerability exploits top initial access as patching coverage falls
The report also highlighted ransomware trends and the evolving role of AI in breaches.
Shift to Prevention and Enforcement as We Repeat Security Mistakes With AI - Rob Allen - BSW #448
Torq acquires Jit.io to enhance AI-driven security operations
Jit.io, founded in 2021, initially offered a security-as-code platform for developers, consolidating various application security and DevSecOps tools.
CISA contractor's public GitHub repo exposed sensitive government credentials
The repository, named "Private-CISA" and maintained by contractor Nightwing, exposed AWS administrative credentials, access keys, tokens, plaintext usernames...