The European Commission is preparing sweeping revisions to the General Data Protection Regulation (GDPR) that could redefine how enterprises handle personal data…
Date Archives November 2025
Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations
Researchers at Microsoft have revealed a new side channel attack named Whisper Leak that can reveal the topic of encrypted conversations between…
Runtime bugs break container walls, enabling root on Docker hosts
Three newly disclosed high-severity bugs in the “runc” container runtime let attackers break out of containers despite standard hardening and isolation controls….
Researchers trick ChatGPT into prompt injecting itself
AI chatbots have opened a new frontier of attack vectors against users and their data, and not even industry leaders are immune….
Why you should purple team your SOC
In my previous article — Your SOC is the parachute — I wrote about how many security operations centers (SOCs) would fail…
CISOs must prove the business value of cyber — the right metrics can help
For most organizations, cybersecurity has always been seen as a cost center rather than a business enabler or revenue driver. Executives perceive…
10 essenzielle Maßnahmen für physische Sicherheit
Wenn physische Security nur immer so simpel umzusetzen wäre… Foto: Leremy | shutterstock.com Obwohl CISOs im Allgemeinen eher selten mit dem gesamten…
Identity Management and Information Security News for the Week of November 7th: Ping Identity, CyberArk, Veza, and More
The editors at Solutions Review have curated this list of the most noteworthy Identity Management and Information Security news from the week…
Defending digital identity from computer-using agents (CUAs)
For years, organizations have relied on passwords and multi-factor authentication (MFA) based on shared secrets like SMS codes and one-time passwords (OTPs)…
Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace
In a suspected test effort, unknown actors have successfully embedded a strain of ransomware-style behavior, dubbed Ransomvibe, into extensions listed for Visual…