Audits for AI systems that keep changing
Security and risk teams often rely on documentation and audit artifacts that reflect how an AI system worked months ago. ETSI’s continuous auditing based conformity assessment …
Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)
Fortinet has begun releasing FortiOS versions that fix CVE-2026-24858, a critical zero-day vulnerability that allowed attackers to log into targeted organizations’ …
Attackers use Windows App-V scripts to slip infostealer past enterprise defenses
A malware delivery campaign detailed by Blackpoint researchers employs an impressive array of tricks to deliver an infostealer to employees without triggering enterprise …
Tenable One AI Exposure delivers unified visibility and governance across AI, cloud and SaaS
Tenable announced general availability of Tenable One AI Exposure. With this release, the Tenable One Exposure Management Platform unifies AI protection, discovery and usage …
NICE Actimize Insights Network combats fraudulent transfers
NICE Actimize launched Actimize Insights Network, an intelligence network designed to give financial institutions real-time visibility into counterparty risk. Leveraging …
HackerOne brings Agentic PTaaS to continuous, expert-validated pentesting
HackerOne announced Agentic Pentest as a Service (Agentic PTaaS), delivering continuous security validation by combining autonomous agent execution with human expertise to …
Microsoft brings AI-powered investigations to security teams
Microsoft Purview Data Security Investigations is now available. The tool is part of Microsoft Purview and is intended for scenarios such as data breach and leak …
AWS adds IPv6 support to IAM Identity Center through dual-stack endpoints
Amazon Web Services has added IPv6 support to IAM Identity Center through new dual-stack endpoints. The update allows identity services to operate over IPv6 networks while …
NETSCOUT adds Wi-Fi 7 observability and real-time SSL certificate monitoring
NETSCOUT announced new capabilities that further enhance its observability solutions to address critical gaps in remote site management and risks stemming from expired SSL/TLS …
Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)
Microsoft released emergency Office security updates to fix a security feature bypass vulnerability (CVE-2026-21509) that its threat intelligence and security teams spotted …
Zscaler expands AI security capabilities to deliver visibility, control, and governance
Zscaler has announced new AI security innovations designed to empower enterprises to secure the fast growing use of AI, while maintaining visibility, control, and governance. …
Descope introduces dedicated identity infrastructure for AI agents and MCP ecosystems
Descope has updated its Agentic Identity Hub to provide MCP developers and AI agent builders with standards-based identity infrastructure for their AI systems. Organizations …
Featured news
Resources
Don't miss
- Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
- TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
- Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585)
- Communicating cyber risk in dollars boards understand
- CVE Lite CLI: Open-source dependency vulnerability scanner