
Flaw in Anthropic Claude Extensions Can Lead to RCE in Google Calendar: LayerX
LayerX researchers disclosed a zero‑click remote code execution flaw in Anthropic's Claude Desktop Extensions (DXT) that leverages Google Calendar events to trigger arbitrary code on the host system. The unsandboxed extensions, which operate with full system privileges, affect more than 10,000 active users and over 50 extensions. Exploitation requires only a benign‑sounding prompt and a specially crafted calendar entry, allowing attackers to execute commands without user interaction. Anthropic has not patched the issue, placing mitigation responsibility on end‑users and their security controls.

Fraud Prevention Is a Latency Game
Fraud prevention hinges on ultra‑low latency, with most digital transactions allotted only 50‑100 milliseconds to authenticate, fetch data, and score a model. Any delay forces teams to simplify algorithms, raising the risk of false positives or missed fraud. Multi‑stage architectures mitigate...

Why Attackers No Longer Need to Break In: The Rise of Identity-Based Attacks
Attackers increasingly purchase stolen credentials on dark‑web markets, enabling silent, long‑duration breaches without traditional malware. Identity‑based attacks now dominate, with 97 % involving passwords and machine accounts outnumbering human users by roughly 82 to 1, creating unmanaged attack surfaces. Social‑engineering phone...

Your PQC Pilot Might Fail, and That’s Okay
Enterprises are moving from curiosity to action on post‑quantum cryptography (PQC), launching pilots that often stumble because existing stacks lack support. The article argues that pilot failures are intentional, serving to surface interoperability, skill and inventory gaps before regulatory or...

The Other Offense and Defense
The Super Bowl is portrayed as a live‑fire cybersecurity exercise where a temporary mega‑enterprise of stadium, broadcast, betting and IoT systems is assembled in days. This massive, multi‑vendor environment expands the attack surface dramatically, forcing security teams to adopt zero‑trust,...

Asset Intelligence as Context Engineering for Cybersecurity Operations
The article introduces Asset Intelligence as a disciplined approach to context engineering for cybersecurity operations. It argues that fragmented security data—ranging from patch status to identity records—creates contradictory views that hinder both human analysts and AI agents. By aggregating, correlating,...

The Compliance Convergence Challenge: Permission Sprawl and AI Regulations in Hybrid Environments
Enterprise security leaders confront a convergence of U.S. state privacy laws, the EU's DORA and AI Act, and exploding AI data demands, all of which amplify permission sprawl. With 91% of offboarded employees still retaining file access, the attack surface...

IT Gives, Security Takes Away, and Configuration Drift Is the Hidden Cost
Configuration drift—incremental, often unnoticed changes to security settings—has become a major hidden threat for enterprises. Modern, hyper‑configurable security platforms and frequent temporary exceptions cause the drift to accelerate, eroding a company’s security posture over time. High‑profile breaches such as Colonial...

ACFW Firewall Test Prologue – Still Failing at the Basics
The forthcoming Advanced Cloud Firewall (ACFW) test reveals that a significant number of cloud firewall vendors are unable to block basic application‑layer attacks such as SQL injection, command injection, SSRF and API abuse, with detection rates often below 20%. While...

Significant Ransomware & Firewall Misconfiguration Breach
Marquis, a fintech provider, suffered a ransomware breach traced to misconfigured legacy SonicWall firewalls and exposed backup files. The attackers leveraged publicly accessible configuration data to map the network and deploy ransomware without triggering traditional alerts. The incident highlights how...

When Documents Become the Attack Vector: Inside APT28’s Latest Microsoft Office Exploit
APT28, a Russia‑linked threat group, is exploiting a newly disclosed Microsoft Office zero‑day through crafted Office and RTF documents delivered via phishing emails. The vulnerability enables unauthorized code execution without macros, allowing lightweight loaders to establish command‑and‑control while evading traditional...

Why Moltbook Changes the Enterprise Security Conversation
Moltbook is a social platform where AI agents register, read, and post content autonomously, creating a hidden communication channel that bypasses traditional human‑centric security controls. Enterprises can deploy agents that interact with Moltbook long after an initial prompt, exposing data...

DMARC Alerts in Slack
EasyDMARC now pushes DMARC and email‑authentication alerts straight into Slack, turning a traditionally passive control into an active operational signal. The integration delivers high‑signal events—such as DNS record changes, authentication‑failure spikes, and policy shifts—complete with domain, severity and rationale, while...

Rebrand Cybersecurity From “Dr. No” To “Let’s Go”
The article urges a cultural shift in cybersecurity, moving from a restrictive "Dr. No" stance to an enabling "Let's Go" approach. It highlights Cross Domain Solutions (CDS) as a hidden but critical technology that securely transfers and accesses data across...

Building a Zero-Trust Framework for Cloud Banking
Financial institutions are moving beyond perimeter‑based defenses by adopting zero‑trust frameworks that continuously validate identities, devices, and services across multi‑cloud environments. The approach combines identity‑first security, micro‑segmentation, and AI‑driven risk analytics to meet stringent regulations such as PCI DSS, DORA, GDPR,...

Adversarial Exposure Validation for Modern Environments
Adversarial Exposure Validation (AEV) is a continuous, attacker‑style testing framework that proves whether identified exposures can actually be exploited in modern cloud and CI/CD environments. By combining automated PTaaS and BAS with human‑driven red‑team exercises and pipeline‑level validation, organizations receive...

DataDome Integrates Bot Protection with Varnish Software’s New Sovereign CDN
Varnish Software launched Varnish CDN, a fully sovereign European content delivery network that keeps all traffic, data, and metadata within EU jurisdiction. DataDome integrated its AI‑powered bot and agent trust management directly into the CDN, delivering real‑time protection against scraping,...

Jan Recap: New AWS Privileged Permissions and Services
In January 2026 AWS introduced a suite of privileged permissions focused on networking, traffic control, and collaboration services. New actions for Network Firewall, Route 53 Global Resolver, EC2 VPC encryption controls, and Clean Rooms enable administrators to modify routing, firewall rules, and cross‑account...

Self-Healing AI for Security as Code: A Deep Dive Into Autonomy and Reliability
Self‑healing AI is reshaping cybersecurity by automatically detecting and fixing vulnerabilities within DevSecOps pipelines. Microsoft’s large‑scale deployments illustrate how autonomous, AI‑powered “immune systems” can protect millions of users in real time. The article stresses that pure automation risks over‑reliance, so...

Why Identity Threat Detection & Response Matters in 2026?
Identity Threat Detection & Response (ITDR) has become a core security pillar in 2026 as enterprises shift to cloud, remote work, and SaaS ecosystems, making compromised credentials the primary breach vector. Traditional defenses miss malicious activity that occurs after successful...

What Verified Breach Data Changes About Exposure Monitoring
Exposure monitoring relies on unverified breach feeds, leading to duplicate, fabricated, and stale alerts. Without validation, teams waste time triaging false positives and lose confidence in their programs. Verified breach data, as offered by Constella, provides source confirmation, de‑duplication, timestamps...

NDSS 2025 – VeriBin: Adaptive Verification Of Patches At The Binary Level
VeriBin is a novel system that automatically verifies whether a binary‑level patch is safe to apply by checking functional equivalence between the original and patched executables. It leverages symbolic execution to isolate patch‑introduced changes and validates them against properties that...

NjRAT Runs MassLogger
The long‑standing njRAT remote‑access trojan was observed delivering the credential‑stealing malware MassLogger via its C2 traffic. Using NetworkMiner Professional, analysts decoded PCAP data, extracting screenshots, command parameters and gzip‑compressed executables. The “CloudServices.exe” payload, identified as MassLogger, exfiltrates credentials by emailing...

Top Cybersecurity Companies
Cybersecurity vendors are shifting from point products to AI‑driven unified platforms that combine SIEM, XDR, SOAR and threat intelligence. Companies like Seceon illustrate this trend by offering a fully integrated, machine‑learning‑based solution that scales across cloud, on‑prem and MSSP environments....

How DataDome Stopped Millions of Ticket Scalping Bots Targeting a Global Sports Organization
Between Jan 8‑13 2026 a global sports organization faced a coordinated ticket‑scalping attack that generated over 16 million malicious requests from 3.9 million unique IPs. DataDome’s Galileo Threat Research team identified the threat in real time and deployed AI‑driven detection that blocked every request...

Shift Left Is Dead for Cloud PAM
In this episode, Cole Horsman, Field CTO at Sonrai Security, recounts his three‑year journey trying to apply shift‑left and just‑in‑time (JIT) models to cloud identity, ultimately concluding that both approaches failed because they target the wrong layer. He explains how...

Is Data Center Colocation Secure? What CIOs and CISOs Need to Know
Colocation is emerging as a pragmatic alternative to building private data centers, offering enterprises robust physical safeguards while offloading power and cooling overhead. Providers secure the facility with layered access controls, surveillance, and environmental protections, but customers retain responsibility for...

BreachForums Breach Exposes Names of 324K Cybercriminals, Upends the Threat Intel Game
The episode examines the recent breach of the BreachForums marketplace, which exposed the real identities, emails, IPs, and registration data of roughly 324,000 cyber‑criminals. Experts from Keeper Security, ColorTokens, and Fenix24 explain how the leak provides a rare intelligence goldmine,...

Flaw in Broadcom Wi-Fi Chipsets Illuminates Importance of Wireless Dependability and Business Continuity
The episode examines a critical vulnerability in Broadcom Wi‑Fi chipsets that lets an attacker disrupt 5 GHz networks with a single unauthenticated frame, forcing a router reboot and potentially enabling evil‑twin phishing attacks. Experts from Black Duck, BeyondTrust, Qualys, and Cequence...

StrongestLayer: Top ‘Trusted’ Platforms Are Key Attack Surfaces
In this episode Adrian Bridgwater discusses StrongestLayer’s new threat‑intelligence report, which analyzed 2,042 advanced email attacks that slipped past Microsoft Defender E3/E5 and leading secure email gateways. The findings reveal a shift toward attackers exploiting trusted platforms such as DocuSign,...

Are Cloud Secrets Safe with Automatic Rotation Systems
Enterprises are increasingly relying on automated rotation systems to protect cloud secrets tied to Non‑Human Identities (NHIs). By continuously updating credentials, these solutions shrink the window of exposure for machine‑identity attacks, a threat that 68% of organizations have already faced....

How Powerful Is AI in Managing Non-Human Identities
Non‑human identities (machine identities) now account for roughly 68% of IT security incidents, making their management a top priority for organizations undergoing digital transformation. A lifecycle‑focused NHI management platform offers discovery, classification, monitoring, and remediation, surpassing point solutions like secret...

What New Technologies Are Boosting Agentic AI Capabilities
Non‑Human Identities (NHIs), also called machine identities, are becoming essential for securing cloud‑based environments as organizations scale. Effective NHI management couples encrypted secrets with granular permissions, providing a passport‑visa model for automated services. Integrating Agentic AI enables autonomous secret rotation,...

Can Agentic AI Handle Complex Cloud-Native Security Tasks
The article explains that non‑human identities (NHIs)—machine credentials such as passwords, tokens and keys—are critical for securing cloud‑native environments. It argues that comprehensive NHI management platforms provide visibility, automated secret rotation, and threat detection across the identity lifecycle, delivering cost...

NDSS 2025 – Alba: The Dawn Of Scalable Bridges For Blockchains
Researchers at TU Wien and Princeton introduced Alba, a Pay2Chain bridge that leverages off‑chain payment channels to trigger conditional payments on target blockchains. Unlike traditional light‑client or zk‑based bridges, Alba avoids costly on‑chain inclusion proofs, cutting communication overhead and on‑chain...

Blockchain Penetration Testing: Definition, Process, and Tools
Blockchain penetration testing simulates real‑world attacks on decentralized ledgers to expose flaws in smart contracts, consensus mechanisms, nodes, and wallets before they can be exploited. Recent incidents such as the $2.17 billion crypto thefts in 2025 and the 17‑hour Solana outage...

AI-Powered Penetration Testing: Definition, Tools and Process
AI‑powered penetration testing combines machine‑learning models, autonomous agents, and traditional security tools to simulate real‑world attacks faster and more comprehensively than manual testing. Recent research shows AI agents achieved 82 % precision and outperformed nine out of ten human testers in...

IoT Penetration Testing: Definition, Process, Tools, and Benefits
IoT penetration testing evaluates the entire IoT ecosystem—from hardware and firmware to cloud services—by simulating multi‑stage attacks. The practice uncovered critical flaws in high‑profile incidents, such as Southern Water’s water‑monitoring hack and an NHS Trust breach, both caused by outdated...

NDSS 2025 – PropertyGPT
PropertyGPT leverages large language models to automatically generate formal verification properties for smart contracts, using a retrieval‑augmented pipeline that pulls similar human‑written properties from a vector database. The system iteratively refines generated properties with compilation and static‑analysis feedback to ensure...

NDSS 2025 – Silence False Alarms
Researchers at NDSS 2025 introduced AutoAR, a system that automatically recognizes anti‑reentrancy patterns in Ethereum smart contracts. By leveraging a novel RentPDG graph representation and a graph auto‑encoder with clustering, AutoAR can detect twelve common protective patterns with 89% accuracy....

NDSS 2025 – Provably Unlearnable Data Examples
The NDSS 2025 paper tackles the lack of provable guarantees in machine‑unlearning by introducing a certification framework for (q, η)-learnability. It proposes Provably Unlearnable Examples (PUEs) that tighten certification bounds and resist simple weight‑recovery attacks. Experiments show PUEs cut certified learnability...

Agentic AI and Non‑Human Identities Demand a Paradigm Shift In Security: Lessons From NHIcon 2026
The second NHIcon 2026 conference highlighted that traditional identity and access management (IAM) is ill‑suited for the rise of agentic AI and non‑human identities (NHIs). Speakers argued that static roles, long‑lived credentials, and session‑based trust amplify risk as autonomous agents act...

Top 6 Data Breaches of January 2026
In January 2026 six high‑profile data breaches—Nike, Melwood, SNP Transformations, Venezia Bulk Transport, Global Shop Solutions, and Grubhub—highlight a shift toward exposure through internal access paths and third‑party tools. Breaches ranged from a 1.4 TB internal data exfiltration at Nike to a...

Top 10 B2B Healthcare SaaS SSO Solutions in 2026
Healthcare SaaS vendors now face a non‑negotiable requirement: integrate Single Sign‑On with hospital identity providers to secure access and meet procurement standards. Data breaches in the sector average $12 million per incident, driving CISOs to demand instant revocation and compliance‑ready authentication....

Why Passwordless Authentication Is Critical for Online Learning & Student Services
Online learning has become core campus infrastructure, but passwords remain the weakest link, exposing grades, payments, and personal data. Passwordless authentication replaces reusable secrets with device‑bound credentials such as passkeys, security keys, magic links, OTPs, and push approvals. The shift...

Helpdesk Impersonation: A High-Risk Social Engineering Attack
Helpdesk impersonation is a social‑engineering technique where attackers pose as employees or partners to trick IT support staff into granting unauthorized access. By leveraging publicly available information and urgency cues, they can obtain password resets, MFA device changes, and privileged...

Top 5 PCI Compliant Hosting Providers
The article outlines the five leading PCI‑compliant hosting providers—AWS, Microsoft Azure, Google Cloud Platform, Rackspace, and specialized PCI hosts—explaining how each aligns its infrastructure with PCI DSS requirements. It emphasizes the shared‑responsibility model, where providers manage the underlying hardware while...

Measuring Agentic AI Posture: A New Metric for CISOs
The episode introduces a new metric—Agentic AI Posture—to help CISOs assess readiness against fast‑moving AI‑driven threats, arguing that traditional security metrics like MTTR are insufficient. It outlines three pillars for measuring AI readiness: Visibility Ratio (tracking shadow agents and API...

Still Trying to Reduce Technical Debt Manually?
In this episode, Azul discusses the growing challenge of technical debt in Java applications, especially as Java versions approach end‑of‑support windows. It outlines manual best practices—such as educating product owners, modular architecture, automated testing, and maintaining a debt register—alongside governance...

Moltbot Personal Assistant Goes Viral—And So Do Your Secrets
The episode dives into Moltbot, an open‑source, self‑hosted AI personal assistant that surged in popularity in January 2026, amassing tens of thousands of GitHub stars and forks. While its powerful automation capabilities are praised, the hosts reveal a wave of...