Security experts are calling on enterprises to revise their vulnerability management strategies and move towards “just in time” patching in response the…
News
NPM ecosystem hit with two new supply chain compromises
Attacks targeting developer ecosystems are increasing in frequency and sophistication, with Node.js developers firmly in this week’s crosshairs, as multiple npm packages…
New Windows Bind Link techniques let attackers evade EDR, security controls
Attackers who already have administrator privileges on a Windows machine have newer ways to slip past endpoint security without exploiting a vulnerable…
White House launches AI-driven vulnerability clearinghouse to speed cyber remediation
The White House is expanding the use of AI beyond cyber threat detection into vulnerability management, launching a new program that aims…
New bugs in Claude for Chrome allow extensions to abuse AI privileges
Two vulnerabilities found in Anthropic’s Claude for Chrome extension remain exploitable months after they were reported to the company, a research by…
When 80,000 fans log on at once: The 2026 World Cup’s unique cybersecurity issues
With the World Cup in full swing, stadiums across North America are currently accommodating thousands of fans every match day. That said,…
Cybersecurity needs more prevention and less reliance on cure
Ask any medical doctor, and they’ll tell you that prevention is better than cure. It’s more cost-effective and it has better outcomes….
7 skills and traits of elite security engineers
Security engineers play a pivotal role in enterprise cybersecurity, because they are the professionals who design, build, and deploy security systems to…
Microsoft is forcing an enterprise transition to passkeys
Passkeys have been around for some time, but enterprise-wide adoption to this point has been slow for a number of reasons. But…
Patch Tuesday roundup: Microsoft fixes a monthly record 569 holes; SAP patches a critical memory corruption bug
Earlier this month Microsoft warned that, because the latest AI models can now help discover vulnerabilities, CSOs will see a higher volume…