New Lumu Defender Capabilities Provide Visibility Beyond the Network
Lumu announced major upgrades to its Lumu Defender NDR platform, extending its Continuous Compromise Assessment beyond the network to endpoints, cloud workloads, and user identities. The enhanced solution now correlates malicious network traffic with specific devices, accounts, and cloud services, delivering real‑time visibility across the entire digital estate. New features include an endpoint agent that can automatically isolate compromised hosts, identity analytics that flag anomalous logins, and cloud monitoring that spots suspicious data transfers. The capabilities are available immediately and will be showcased at RSAC.
Vigil: The First Open-Source AI SOC Built with a LLM-Native Architecture
Vigil, launched at RSA Conference 2026, is the first open‑source AI‑driven Security Operations Center built on a native LLM architecture. It ships under an Apache 2.0 license with 13 specialized AI agents, more than 30 integrations and over 7,200 detection rules...
Databricks Enters Cybersecurity Market with Lakewatch Launch, Bulking up Ahead of IPO
Databricks is entering the cybersecurity arena with Lakewatch, an AI‑powered security‑information‑and‑event‑management (SIEM) platform that leverages large language models to automate threat detection. Early adopters such as Adobe, National Australia Bank and Anthropic are already using the service, which is priced...
How a Large Bank Uses AI Digital Twins for Threat Hunting
JPMorgan Chase is deploying an AI‑driven system that creates digital fingerprints and digital twins to monitor employee and AI‑agent behavior across its global workforce. The technology flags anomalous actions, rates their malicious potential, and contextualizes them against external events, aiming...
CyberProof Unveils Reveal360 Hub for Security and Business Outcomes
CyberProof, a UST company, launched CDC Reveal360, a centralized visibility hub that consolidates threat, exposure, defense, and asset data into role‑specific workspaces. The platform delivers continuous insights into security posture, service performance, and operational outcomes for CISOs, security managers, and...
Novee Introduces Autonomous AI Red Teaming to Hunt LLM Vulnerabilities
Novee unveiled an autonomous AI red‑team agent designed to probe large language model (LLM) applications for security flaws. The platform continuously simulates sophisticated attack scenarios such as prompt injection, jailbreaks, and data exfiltration, delivering detailed vulnerability assessments and remediation guidance....
Barracuda Expands BarracudaONE Platform and Overhauls Partner Success Program
Barracuda Networks announced a major upgrade to its BarracudaONE platform, adding enhanced email protection for Google Workspace, a broadened SecureEdge Access solution that bundles SASE, zero‑trust, and AI policy controls, and a new AI Security layer that monitors generative‑AI usage...
F5 and Forcepoint Partner to Secure AI Across Data and Runtime Lifecycle
F5 and Forcepoint announced a partnership to secure AI throughout its data and runtime lifecycle. The joint solution merges Forcepoint’s AI‑native data discovery and classification with F5’s AI Red Team and Guardrails features. It enables real‑time vulnerability detection, policy enforcement,...
How to Master Multi-Source Intelligence with AI Agents
Swimlane’s Hero AI Threat Intelligence Agent tackles the long‑standing threat‑intelligence correlation problem by automatically aggregating data from multiple feeds—VirusTotal, Recorded Future, Cisco Umbrella, and others—and synthesizing a single, explainable assessment. The agent applies a reasoning engine that weighs source reliability,...
The Cost of Delaying Password Security for Businesses
Weak passwords cause 81% of data breaches, exposing businesses to costly fallout. Each password reset averages $70 and consumes 30% of IT staff time, amplifying operational expenses. Zoho Vault, included free with Zoho Workplace, provides centralized password management, strong generation,...
Detectify Uncovers Hidden Assets and Risks Across Entire IP Ranges
Detectify has introduced IP Range Scanning, a service that continuously discovers and monitors entire CIDR blocks to surface forgotten assets and hidden risks. The tool goes beyond traditional domain‑focused scanners by detecting services on non‑standard ports and exposing high‑risk databases...
LiteLLM Python Package Compromised by Supply-Chain Attack
A malicious .pth file was discovered in the LiteLLM 1.82.8 wheel on PyPI, automatically executing a credential‑stealing script whenever the Python interpreter starts, without any import of the library. The payload gathers environment variables, SSH keys, cloud provider credentials, and...
3.1 Million Impacted by QualDerm Data Breach
QualDerm Partners disclosed that a December 2025 cyber‑attack compromised the personal, medical, and health‑insurance records of more than 3.1 million individuals. Attackers accessed the network for two days, exfiltrating data from a limited set of systems before the breach was detected...
AiStrike Launches Continuous Detection Engineering at RSA 2026
AiStrike unveiled Continuous Detection Engineering at RSA 2026, a platform that shifts security operations from reactive alert triage to proactive, detection‑as‑code optimization. The solution claims up to a 90% reduction in alert noise by continuously validating and refining detection rules...
Ghost Campaign Uses 7 Npm Packages to Steal Crypto Wallets and Credentials
Security researchers have identified a new "Ghost" campaign that distributes seven malicious npm packages under the author name mikilanjillo. The packages masquerade as popular React utilities and AI trading tools, prompting developers to enter their sudo password during a fabricated...
Xona Targets Real-Time Threat Response in OT Remote Access
Xona Systems unveiled an Active Defense capability that automatically reacts to suspicious behavior during OT remote‑access sessions. The feature links detection platforms to session‑level enforcement, enabling actions such as step‑up authentication, access limitation, or session termination in real time. Initially,...
32% of Top-Exploited Vulnerabilities Are over a Decade Old
Cisco Talos’s 2025 Year in Review shows exploitation timelines are compressing: newly disclosed flaws like React2Shell are weaponized within weeks, while 32% of the top‑targeted vulnerabilities are over a decade old, exemplified by the lingering abuse of Log4Shell. Attackers favor...
Coro Expands AI-Driven Security Ops, Automates 92% of Alerts
Coro announced expanded AI‑driven security operations that automate the full detection‑to‑remediation lifecycle. Over the past year the platform automatically handled 92.3% of security tickets worldwide, moving beyond alerting to real‑time response. New features include automated triage, SOC‑level response actions, and...
How Potentially Unwanted Programs Affect Healthcare Data Privacy and Compliance
Healthcare’s rapid digitization has expanded electronic health records, cloud services, and connected devices, but it also widens the attack surface for potentially unwanted programs (PUPs). These low‑profile applications often arrive through bundled installers or browser extensions, silently collecting and transmitting...
No Successful Hacking of eGov App Despite 1,000 Daily Attempts — DICT
The Department of Information and Communications Technology (DICT) reported that its eGov mobile app has withstood over 1,000 daily cyber‑attack attempts, including spikes of 5,000‑6,000 attempts, without any successful breach. Officials attribute this resilience to multiple security layers, full‑data encryption,...
Microsoft Details AI Prompt Abuse Techniques Targeting AI Assistants
Microsoft released a detailed guide on AI prompt abuse, outlining how crafted inputs can manipulate large language models to bypass safety controls and expose sensitive data. The guide categorizes attacks into direct prompt overrides, extractive abuse, and indirect injection via...
Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn
Citrix has issued emergency patches for a critical‑severity vulnerability, CVE‑2026‑3055 (CVSS 9.3), that enables an out‑of‑bounds read and sensitive memory leak in NetScaler ADC and NetScaler Gateway when configured as a SAML Identity Provider. The update also fixes CVE‑2026‑4368, a high‑severity...
Launch of NetRise Provenance Reveals Who and What Are Behind Open Source, And How Risk Propagates Through the Supply Chain
NetRise, a software supply‑chain security firm, launched NetRise Provenance, a product that links open‑source components to their maintainers and assesses contributor risk across enterprise portfolios. The solution enriches SBOMs with provenance data, offering a policy engine that can automatically block...
Infobip Bolsters Fraud Protection for Enterprises with T-Mobile Network API Offerings
Infobip has partnered with T‑Mobile to embed the carrier’s network APIs into its AI‑first cloud communications platform, creating a unified solution for enterprise fraud protection. The integration leverages CAMARA Open Gateway standards, allowing developers to verify device possession and authenticate...
From AI Firewalls to Ethical Hackers: NS and Alstom on Cybersecurity
Dutch Railways (NS) is scaling its cyber defenses, now employing 140 specialists and allocating roughly $545 million to IT security. The firm runs a Red Team of ethical hackers and has deployed an AI‑powered firewall that monitors train‑level IP traffic. NS...
ITDR Won’t Save You if You Can’t Recover – Quest Research
Quest’s State of ITDR 2026 research reveals that while financial institutions have heavily invested in identity threat prevention and detection, recovery capabilities remain a critical gap. Nearly 80% of organisations lack adequate tooling to restore identity infrastructure, with 24% never...
Akamai Updates Guardicore Segmentation with AI to Automate Zero-Trust Policy Enforcement
Akamai Technologies unveiled AI‑enhanced capabilities for its Guardicore Segmentation platform, targeting zero‑trust enforcement in hybrid and multicloud environments. The new features continuously discover application behavior, automatically generate enforcement‑ready policies, and simulate impact before rollout. Proof‑driven enforcement and delegated owner workflows...
Operator of X Denies Japan Gov't Request to Extend Data Retention Period
The Japanese Ministry of Internal Affairs and Communications asked X Corp. to extend its data‑retention window for communication logs to three‑to‑six months to aid defamation investigations. X declined, saying its internal standard of one to two months would become costly...
Globe Turns over IMSI Catcher Detectors over to the NTC, CICC, CIDG to Help Fight Mobile Scams
Globe has transferred IMSI catcher detectors to the Philippines’ National Telecommunications Commission, the Cybercrime Investigation and Coordinating Center, and the Criminal Investigation and Detection Group to strengthen the fight against mobile scams. The detectors enable real‑time identification and location of...
Security Researchers Are in the Last-Chance Saloon to Save Their Jobs From AI
At the BSides security conference in San Francisco, former HackerOne chief policy officer Katie Moussouris warned that AI‑driven automation threatens the jobs of security researchers. She stressed that vulnerability detection still relies on human intuition and expertise. Moussouris, who launched...
Banks Urged to 'Shift Left' To Fight Elder Fraud
Elder financial exploitation cost U.S. seniors $4.9 billion in 2024, prompting banks and credit unions to adopt a “shift left” strategy that intervenes earlier in the fraud kill chain. Speakers at RSAC 2026 urged financial institutions to break down cyber‑fraud silos,...
Dutch Finance Ministry Hit By Hack
The Dutch Finance Ministry restricted access to several computer systems after detecting a hack on March 19. The intrusion affected internal processes in the policy department but left tax, customs and benefits services uninterrupted. Officials attribute the attack to the ShinyHunters...
7 Safeguards for Observable AI Agents
Enterprises are moving AI agents from pilots to production, prompting DevOps teams to adopt observability practices that capture every interaction. Experts outline seven safeguards, starting with clear success criteria and operational governance, then defining the exact data to track—prompts, model...
Better Safe Than Sorry: A Gold-Standard Approach To Cybersecurity
Cypress‑Fairbanks ISD, one of Texas’s largest districts, earned the Trusted Learning Environment (TLE) certification, joining only eight other districts statewide. The district instituted a dedicated staff role to oversee vendor data‑privacy agreements and leverages the Student Data Privacy Consortium and...
CIS Signs Strategic Collaboration Agreement with AWS to Advance CIS Hardened Images
The Center for Internet Security (CIS) has signed a strategic collaboration agreement with Amazon Web Services (AWS) to broaden the reach of CIS Hardened Images, pre‑configured virtual machine templates aligned with CIS Benchmarks. The partnership deepens a 25‑year relationship, embedding...
Anvilogic Launches Agentic Workflow Automation for AI SOC
Anvilogic unveiled Blueprints, an agentic workflow automation layer for its AI‑SOC platform, at RSA 2026. The feature lets senior analysts capture their investigative methods in natural language and deploy reusable AI‑driven playbooks within a day. By running on the Enterprise Security...
Exein Unveils Next-Generation Runtime Security to Protect the AI-Native World
Exein introduced Photon, a kernel‑level runtime security platform that blocks malicious code before it executes, targeting AI‑native environments such as IoT, edge, and autonomous systems. By moving protection from user‑space detection to pre‑emptive kernel enforcement, Photon eliminates attack windows and...
BBB National Programs Backs CBPR 2.0
BBB National Programs praised the Global Cross‑Border Privacy Rules Forum for finalizing CBPR 2.0, a major update that tightens consumer data protections and accountability in cross‑border transfers. The revision adds stronger safeguards for sensitive and children’s data, a “Preventing Harm” principle,...
Gcore Radar Report Reveals 150% Surge in DDoS Attacks Year-on-Year
Gcore’s Q3‑Q4 2025 Radar report shows a 150% year‑on‑year jump in DDoS incidents, with attack counts climbing to 1.3 million in Q4 2025. Peak traffic surged to 12 Tbps, a six‑fold rise over the previous year, while network‑layer attacks now represent 82% of all...
Channel Partners Are Sleepwalking Into an AI Code Generation Trap
Managed Service Providers are being asked to deliver full AI‑enhanced development stacks, but rapid adoption of AI code generators introduces hidden security risks. Studies show nearly half of AI‑generated code snippets contain vulnerabilities and 67% of organizations fail to assess...
RSAC 2026: ZeroTier Launches ZeroTier Quantum, the World’s First End-to-End Quantum-Secure Networking Platform
ZeroTier announced ZeroTier Quantum at RSAC 2026, positioning it as the world’s first end‑to‑end quantum‑secure software‑defined networking platform. The solution meets the highest NIST and NSA CNSA 2.0 post‑quantum standards and promises on‑wire, data‑center‑level speeds. Built on a Rust‑based ZeroTier Transport...
Cybercriminals Have Open Access to Enterprise PCs 76 Days Per Year, According to New Research From Absolute Security
Absolute Security’s 2026 Resilience Risk Index reveals that endpoint security software fails to protect devices about 21% of the time, leaving enterprise PCs exposed for an average of 76 days per year. The report highlights a 127‑day average lag in...
SA’s Digital Economy Is Booming – but so Is the Fraud that Comes with It
South Africa’s digital economy is expanding rapidly, but telecom‑linked fraud is surging, costing the country roughly R5.3 billion (about $286 million) each year. SIM‑swap attacks now account for nearly 60% of mobile‑banking fraud, and digital banking losses jumped 74% in 2024 to...
The AI Efficacy Asymmetry Problem
Over the past 18 months AI labs have released protocols and models—Anthropic’s Model Context Protocol and Claude Opus 4.6—that let large language models interact directly with browsers, APIs and command‑line tools, turning them into autonomous agents. Both attackers and defenders have integrated...
Safe AI Adoption Rests on Cybersecurity Professionals, Says RSAC Chairman
RSAC executive chairman Hugh Thompson warned that safe AI adoption hinges on cybersecurity professionals. He highlighted AI's dual role—enhancing threat detection while empowering malicious actors, citing Kaseya data that 83% of phishing emails now use AI and 40% of business...
Google Launches Threat Disruption Unit, Stops Short of Calling It ‘Offensive’
Google has unveiled a new Threat Disruption Unit that operates defensively, targeting the infrastructure hackers rely on rather than conducting offensive hacks. The unit will leverage Google’s visibility into global internet services to obtain court orders, expose malicious actors, and...
SentinelOne, Snyk Introduce New Tools for Securing AI Agents
SentinelOne and Snyk unveiled a suite of AI‑agent security tools, including SentinelOne’s Prompt AI Agent Security and Prompt AI Red Teaming, which guard AI data flows and simulate attacks on models. The companies also introduced an AI‑native data pipeline that...
More Launches, More Cyber Threats: Space Force Stands Up Units to Defend Ranges
The U.S. Space Force activated the 630th Cyberspace Squadron at Vandenberg Space Force Base on March 10 to protect launch‑range networks from cyber intrusions. This follows the September reassignment of the 645th Cyberspace Squadron to Space Launch Delta 45 at...
How Capital One Software Is Using Tokens to Turn Dark Data Into a Secure AI Asset
Capital One Software is leveraging format‑preserving tokenization to turn sensitive, unstructured "dark data" into a secure AI asset. At RSAC 2026 the company unveiled expanded Databolt capabilities that automatically scan, classify and tokenize data in PDFs, emails and transcripts. By replacing...
Administration Releases Cyber Strategy, Executive Order on Cybercrime and Fraud
The administration released a National Cyber Strategy aimed at keeping the United States unrivaled in cyberspace, outlining six policy pillars that stress AI deployment and reduced regulation. An accompanying Executive Order directs agencies to develop plans for dismantling transnational cybercrime...
