AI-Driven Development Fuels Surge in Open Source Vulnerabilities, Black Duck Finds
Black Duck's 2026 Open Source Security and Risk Analysis report finds open source vulnerabilities in commercial codebases have more than doubled year‑on‑year. The average application now contains 581 vulnerabilities, a 107% increase, with 98% of codebases using open source components. AI‑assisted development is driving both security flaws and a surge in license conflicts, with 68% of audited codebases showing licensing issues. Organizations lag in governance, as only 24% conduct comprehensive reviews covering security, licensing, IP, and quality.
Forescout Partners with E-ISAC to Bring Threat Intelligence and Research to North American Utilities
Forescout Technologies has become a vendor affiliate of the North American Electricity Information Sharing and Analysis Center (E‑ISAC), extending its threat‑intelligence sharing to U.S. utilities and grid operators. Through its Vedere Labs research unit, the company will feed cyber and...
UK Government-Backed Cyber Security Programme Alumni Raise £47.4m in Follow-On Investment
Innovate UK’s Cyber Security Academic Startup Accelerator (CyberASAP) alumni have attracted £47.4 million in post‑programme funding over the past nine years, with private capital accounting for 68% of that amount. The accelerator, funded by the Department for Science, Innovation and Technology,...
Check Point Software Earns Leader & Fast Mover Position in GigaOm Radar for Cloud Network Security
Check Point Software has been named a Leader and Fast Mover in the GigaOm Radar for Cloud Network Security 2025, marking its third consecutive year at the top. GigaOm highlighted the company’s prevention‑first Infinity architecture, unified cloud security platform, and...
Q&A: Organisations Are Spending Millions on Cybersecurity and Still Getting It Wrong
Organizations are pouring billions into cybersecurity yet continue to suffer breaches because they treat security as a purely technical issue. Senior cyber leader Purvi Kay argues that weak governance, poor communication, and unclear accountability are the primary failures. She emphasizes...
When DORA Goes From Afterthought to Commercial Imperative
In mid‑2025, DORA has shifted from a peripheral concern to a commercial imperative for European firms. Companies now see DORA clauses in supplier questionnaires and contract negotiations, with non‑compliance jeopardising deals. The toughest obstacles are supplier oversight, costly threat‑led penetration...
Keeper Commander Introduces SuperShell™
Keeper Security launched SuperShell™, a full‑screen terminal user interface for Keeper Commander, available from version 17.2.7 onward. The TUI provides a split‑view vault browser with vi‑style keyboard shortcuts, searchable panes, raw JSON inspection, and live TOTP display. Designed for developers,...
Black Duck Signs MSSP Agreement with Accenture
Black Duck announced a managed security service provider (MSSP) agreement with Accenture, designating the Black Duck Polaris platform as the standard tool for Accenture’s Application Security Practice. Polaris combines static, dynamic, and software composition analysis into a single SaaS offering,...
EU Commission Breach – The Importance of Upholding Strong Device Management Infrastructure
Last week the European Commission disclosed a cyberattack that compromised its mobile device management (MDM) platform, exposing staff names and phone numbers. Security experts from Huntress, Keeper Security, and CyberSmart warned that MDM systems are now a primary attack vector,...