Fallacy Failure Attack
AI Security Insights for November 2025 - Read more
London councils enact emergency plans after three hit by cyber-attack
Kensington and Westminster councils investigating whether data has been compromised as Hammersmith and Fulham also reports hackThree London councils have reported a cyber-attack, prompting...
Integrating Threat Intelligence and Vulnerability Management: A Modern Approach
Key Takeaways Traditional vulnerability management (VM) overwhelms teams with undifferentiated findings; integrating threat intelligence adds real-world context so you can fix what’s...
The Salesforce-Gainsight Security Incident: What You Need to Know
On November 23, 2025, Gainsight confirmed that it’s actively investigating unusual activity involving its applications that are integrated with Salesforce—an incident that underscores...
Behind the Bargains: Why Phishing Peaks on Black Friday
Black Friday has evolved into one of the most active shopping periods of the year. No longer is it just one day of shopping...
The Shai-Hulud 2.0 npm worm: analysis, and what you need to know
Learn more about the Shai-Hulud 2.0 npm worm. - Read more
Tracking RondoDox: Malware Exploiting Many IoT Vulnerabilities
Over a dozen exploits were used to target IoT devices. - Read more
Choosing a Digital Risk Intelligence Platform: 5 Key Capabilities to Evaluate
Key Takeaways The traditional “digital perimeter” paradigm for enterprise cybersecurity is no longer relevant in today’s online landscape. Instead of defending one’s...
New “Generation Y” Hierarchy of Root and Intermediate Certificates
In a ceremony held in September, Let’s Encrypt generated two new Root Certification Authorities (CAs) and six new Intermediate CAs, which we’re collectively calling...
Why Datadog is a 2025 Cloud Security Leader
A recap of Datadog's awards from the 2025 Latio Cloud Security Market Report - Read more
Latest article
CVE-2026-41940: cPanel & WHM Authentication Bypass
OverviewOn April 28, 2026, cPanel issued a security update to fix a critical vulnerability affecting the cPanel & WHM and WP Squared products. In...
Cursor Extension Flaw Exposes Developer API Keys
Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX - Read more
CVE-2026-21246 Windows Graphics Component Elevation of Privilege Vulnerability
Acknowledgement added. This is an informational change only. - Read more
ClickUp Data Leak Exposes Enterprise Emails for Over a Year
A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security concerns.
The post ClickUp Data...
