When Security Becomes the Attack Surface: Why Endpoint Protection Must Evolve
Attackers are increasingly disabling the very endpoint tools meant to stop them, turning security agents into a primary attack surface. A recent IDC survey shows 61% of organizations suffered third‑party data breaches and more than half are dissatisfied with current endpoint defenses. Lenovo, together with SentinelOne and Absolute Security, unveiled a unified ThinkShield XDR solution that blends AI‑driven threat detection with firmware‑embedded persistence to auto‑restore protection. The model creates a self‑healing loop that keeps agents active even when tampered with, reducing exposure windows.
Hasbro Expects March Cyberattack to Impact Second-Quarter Revenue
Hasbro disclosed that a March 2026 cyberattack will affect its second‑quarter revenue and operating profit. The breach forced key order‑processing, shipping and invoicing systems offline, prompting a forensic investigation and added costs. The company expects most delays to be recovered...
AI-Written Software Creates Hassles for Wary Security Teams
A ProjectDiscovery report finds AI‑generated code is overwhelming security teams. Only 38% of practitioners feel they can keep up, while 60% say the workload is getting harder. Main concerns are corporate secret leakage, supply‑chain risk, and business‑logic vulnerabilities. Security teams...
Iran-Nexus Threat Groups Refine Attacks Against Critical Infrastructure
Iran‑aligned cyber groups have intensified destructive campaigns against critical infrastructure since the February war, deploying data‑wiping malware and novel threats like ZionSiphon that can tamper with water‑treatment controls. High‑profile incidents include a wiper attack on medical‑device maker Stryker and targeted...
Microsoft SharePoint Vulnerability Widely Exposed Across Multiple Countries
A medium‑severity input‑validation flaw in Microsoft SharePoint (CVE‑2026‑32201) has been identified across roughly 1,370 IP addresses worldwide, down from 1,745 a week earlier. The vulnerability enables network‑level spoofing and has been added to the Cybersecurity and Infrastructure Security Agency’s Known...
Phishing — Sometimes with AI’s Help — Topped Initial-Access Methods in Q1, Cisco Says
Cisco’s Talos team reported that phishing reclaimed its position as the leading initial‑access technique in Q1 2026, driven by AI‑enhanced campaigns. Hackers leveraged the Softr AI platform to generate credential‑harvesting sites that mimic Outlook Web Access without writing code, even automating...
CISA Urges Security Teams to View Environments Following Axios Compromise
The Cybersecurity and Infrastructure Security Agency (CISA) released new guidance after a North Korean‑linked actor compromised the npm package manager account of Axios, a widely used JavaScript library. Axios sees millions of weekly downloads, making the breach a high‑impact supply‑chain...
CISA Confirms Exploitation of 3 More Cisco Networking Device Vulnerabilities
CISA added three Cisco networking device vulnerabilities—CVE‑2026‑20122, CVE‑2026‑20128 and CVE‑2026‑20133—to its Known Exploited Vulnerabilities catalog, confirming they are being used in the wild. This brings the total of exploited flaws to four of the six Cisco issues disclosed in February....
Vercel Systems Targeted After Third-Party Tool Compromised
Vercel disclosed that attackers accessed internal systems after a third‑party AI tool, Context.ai, was compromised. An employee’s Google Workspace account was hijacked, exposing non‑sensitive environment variables and credentials for a limited set of customers. Vercel has notified affected clients, urged...
Beyond IT: Cybersecurity Is a Strategic Business Risk
On November 25, 2025 the SEC censured a national securities firm and imposed a $325,000 penalty after a breach exposed the personal data of roughly 8,500 people. The regulator highlighted the firm’s weak cyber‑governance, noting missing multi‑factor authentication and absent incident‑response plans....
Medium-Severity Flaw in Microsoft SharePoint Exploited
Microsoft’s SharePoint platform is being actively exploited via CVE‑2026‑32201, a medium‑severity input‑validation flaw with a CVSS score of 6.5. The vulnerability enables attackers to spoof network traffic and modify confidential data. Threat‑intelligence firm Defused observed a coordinated reconnaissance campaign across...
Brute-Force Cyberattacks Originating in Middle East Surge in Q1
Barracuda reported a sharp rise in brute‑force authentication attacks on network devices during Q1 2026, with roughly 90% of the activity traced to Middle‑East sources. SonicWall and Fortinet FortiGate firewalls were the most frequently targeted, accounting for over half of the...
CISOs See Gaps in Their Incident Response Playbooks
A new Sygnia survey of 600 senior cybersecurity leaders reveals that more than 75% of organizations suffered a cyberattack in the past year, yet 73% of respondents doubt their ability to respond effectively to future incidents. While 99% claim to...
Stryker Warns of Earnings Fallout From March Cyberattack
Stryker disclosed that a March 11 wiper attack linked to the Iran‑backed Handala group disrupted its manufacturing, ordering and shipping systems, denting first‑quarter earnings. The breach wiped data from thousands of devices via the company’s Microsoft Intune environment and forced the...
Threat Cluster Launches Extortion Campaign Using Social Engineering
Google Threat Intelligence Group uncovered a financially motivated threat cluster, UNC6783, running a social‑engineering extortion campaign. The group compromises business‑process outsourcers and targets help‑desk staff to gain footholds in client networks. Attackers deploy fake live‑chat Okta pages and phishing kits...
Trump’s FY2027 Budget Again Targets CISA
President Trump’s FY2027 budget proposal slashes the Cybersecurity and Infrastructure Security Agency’s (CISA) funding by $707 million, roughly a 30 percent reduction from its FY2025 $2.4 billion budget. The administration frames the cuts as a refocus on protecting federal networks and critical infrastructure...
Stryker Restores Most Manufacturing After Cyberattack
Stryker announced that most of its manufacturing sites and critical production lines are back online roughly two weeks after a March 11 cyberattack disrupted order processing, shipping, and manufacturing. The company restored its electronic ordering system for customers and is reconciling...
Why User Behavior Is the Primary Entry Point for Cyberattacks
Cybercriminals are increasingly exploiting human behavior as the primary gateway into enterprises, with credential theft now eclipsing traditional technical exploits. Although perimeter defenses have hardened, 60% of data breaches still stem from user error, amplified by AI‑driven social engineering and...
How OpenClaw’s Agent Skills Become an Attack Surface
OpenClaw, an AI‑agent gateway, gives users deep access to local files, browsers and long‑term memory, but it stores that data in plain‑text files on predictable disk locations. This design creates a low‑effort attack surface: if the host is compromised, an...
6 Trends Redefining Organizations’ Future with IAM
Inductive Automation’s CISO Jason Waits highlights six emerging IAM trends as the company scales, including a 71% surge in session hijacking and expanding identity sprawl across five systems on average. The firm has responded by deepening its use of Cisco...
ISACs Confront AI’s Promise and Peril for Threat Intelligence-Sharing
Information Sharing and Analysis Centers (ISACs) are grappling with how to integrate artificial intelligence into threat‑intelligence workflows while preserving the trust that underpins member collaboration. Leaders from Retail & Hospitality, Health, and Financial Services ISACs highlighted AI’s potential to speed...
Water Utilities Need Hands-On Cybersecurity Help, Not Just Free Guidance, Pilot Program Finds
Microsoft, the Cyber Readiness Institute and CCTI ran a 2023‑2025 pilot to boost cybersecurity at small and medium water utilities. Of 113 utilities that expressed interest, 72 enrolled and only 43 completed the program, but utilities that received a dedicated...
National Cyber Director Expands on Trump Administration’s Vision for AI Security, Industry Collaboration
The Trump administration, through National Cyber Director Sean Cairncross, announced a "secure‑by‑design" approach for emerging AI technologies, positioning cybersecurity as a growth catalyst rather than a barrier. The administration plans to create an industry‑wide information‑sharing group to help AI firms...
Stryker Attack Raises Concerns About Role of Device Management Tool
Stryker, a leading medical‑device maker, suffered a wiper attack that used Microsoft Intune to remotely erase data on thousands of phones and workstations. The Iran‑linked Handala group claimed responsibility, alleging the theft of 50 TB of data and the destruction of...
Coalition of Information-Sharing Groups Warns of Cyber, Physical Attacks
A coalition of ten information‑sharing groups issued a joint advisory warning that Iran‑linked state actors, hacktivists and criminal gangs are escalating cyber attacks against U.S. critical‑infrastructure sites. The advisory cites spear‑phishing, DDoS, wiper malware and backdoor implants as primary tactics,...
Trump Administration Will Test Infrastructure Cybersecurity Approaches in Pilot Program
The Trump administration announced a pilot program to test cybersecurity technologies with specific critical‑infrastructure sectors, including Texas water utilities, South Dakota beef processors, and rural hospitals. National Cyber Director Sean Cairncross emphasized rapid deployment and the rejection of a universal,...
How AI Will Impact Security Careers and What Leaders Should Do About It
Security leaders surveyed in Tines’ Voice of Security 2026 report remain optimistic about AI’s potential, yet 81% report rising workloads and 76% admit to burnout. Teams still spend roughly 44% of their day on manual, repetitive tasks that AI could...
4 Best Practices to Get IAM Implementation Right the First Time
Enterprises are finally receiving budget approvals for identity access management, with 82% of financial decision‑makers increasing spend, according to Cisco Duo’s 2025 State of Identity Security. The article outlines four best‑practice pillars—user experience, staged testing, device health verification, and ongoing...
Palo Alto Networks CEO Sees AI as Demand Driver, Not a Threat
Palo Alto Networks CEO Nikesh Arora told investors AI will drive, not diminish, cybersecurity demand. He argued AI expands attack surfaces, creating new risk categories that require robust security solutions. The company posted 15% year‑over‑year revenue growth to $2.6 billion and...