Agentic GRC automates workflows, forcing teams to rethink their role beyond operations. Anecdotes explains why the biggest challenge is shifting from execution to risk leadership. [...]

Part 5: How to achieve resilience, auditability, and AI-scale identity—without betting the bank on someone else’s control plane

The European Commission, the European Union's main executive body, is investigating a security breach after a threat actor gained access to its Amazon cloud infrastructure. [...]

The European Commission, the European Union's main executive body, is investigating a security breach after a threat actor gained access to its Amazon cloud infrastructure. [...]

The European Union is stepping forward to reinforce what many experts describe as a bedrock cyber vulnerability tracking system, as questions linger over the long-term sustainability of the Common...

​​The Centre for Cybersecurity Belgium (CCB) reported a sharp rise in cyber incidents and reporting activity in 2025,... The post CCB report reveals rising cyber pressure on critical...

Global bank's devs have some cleaning up to do after cloud creds found in website code Computer security boffins have conducted an analysis of 10 million websites and found almost 2,000 API...

Silver Fox is back in Japan, spoofing tax and HR emails timed to the one season when no one thinks twice about opening them

The Alliance for Creativity and Entertainment (ACE) announced the shutdown of AnimePlay, a major anime streaming platform with over 5 million users. [...]

In late February, Beazley Security's Incident Response team responded to a ransomware intrusion at a U.S. healthcare organization attributed to Pay2key, an Iranian government-linked threat actor...

The Waterfall Threat Report 2026 finds that publicly recorded cyber breaches with physical consequences across heavy industry and... The post Waterfall Threat Report 2026 finds ransomware slowdown...

​Microsoft has released the KB5079391 preview cumulative update for Windows 11 24H2 and 25H2, which includes 29 changes, such as Smart App Control and Display improvements. [...]

The Dutch National Police (Politie) says a security breach resulting from a successful phishing attack has had a limited impact and hasn't affected citizens' data. [...]

In March 2026, a breach of one of the many iterations of the BreachForums hacking forum known as "Version 5" was publicly disclosed. The incident exposed 340k unique email addresses along with...

A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning...

Unit 42 uncovers multiple clusters of cyberespionage targeting a Southeast Asian government organization with USBFect, RATs and loaders. The post Converging Interests: Analysis of Threat Clusters...

Experts say that an American ground operation targeting nuclear sites in Iran would be incredibly complicated, put troops’ lives at great risk—and might still fail.

Spring security advisory (AV26-288)

HPE security advisory (AV26-287)

The hacking group that claimed responsibility for the massive wiper attack against medical technology company Stryker declared today that it breached the FBI in retaliation for the Justice...

[Control systems] ABB security advisory (AV26-286)

Grafana security advisory (AV26-285)

Squid security advisory (AV26-284)

The pro-Iran hacking group that claimed to have swiped a large volume of data from Lockheed Martin hiked their ransom demand even while saying they already shared sensitive information with the...

Most teams have security tools in place. Alerts are firing, dashboards look clean, threat intel is flowing in. On the surface, everything feels under control. But one question usually stays...

Cybersecurity researchers have disclosed a vulnerability in Anthropic's Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page....

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed a vulnerability in HikVision, as well as 10 in TP-Link, and 19 in Canva.The vulnerabilities mentioned in this blog post have...

In this week's newsletter, Amy draws parallels between the collaborative themes of "Project Hail Mary" and the massive team effort behind the newly released Talos Year in Review report.

Le processus de double-extorsion est désormais bien installé dans les pratiques des cybercriminels. Ils lancent une attaque, volent des données à leur victime, en chiffrent, déposent une...

Unmasking impostors is something the art world has faced for decades, and there are valuable lessons from the works of Elmyr de Hory that can apply to the world of defensive cybersecurity. During...