The 2026 State of Pentesting: Why delivery and follow-through matter more than ever
Penetration testing has evolved significantly over the past several years. While uncovering exploitable vulnerabilities remains the core goal, the real differentiator today is …
Security leaders push for continuous controls as audits stay manual
Security teams say they want real-time insight into controls, but still rely on periodic checks that trail daily operations. New RegScale research shows how wide that gap …
HackerOne extends Safe Harbor protections to AI testing
HackerOne has unveiled the Good Faith AI Research Safe Harbor, a new industry framework that establishes authorisation and legal protections for researchers testing AI systems …
Ping Identity launches Universal Services for ongoing identity assurance
Ping Identity announced its Universal Services, a set of identity services that enable organizations to move beyond authentication and continuously establish, validate, and …
Initial access broker pleads guilty to selling access to 50 corporate networks
A 40-year-old Jordanian man has admitted to selling unauthorized access to computer networks of at least 50 companies, the US Attorney’s Office of the District of New …
Endace pushes packet capture into real-time security workflows
Endace has announced the release of OSm 7.3, a major software update that makes network packet data faster, more affordable, and more user-friendly. Faster search, API-driven …
Radware targets API blind spots with real-time lifecycle protection
Radware has unveiled the launch of its Radware API Security Service, an end-to-end solution designed to protect APIs throughout their entire lifecycle using real-time …
Sophos expands security stack to govern apps, data, and AI in hybrid work
Sophos has announced Sophos Workspace Protection, expanding its portfolio to help organizations secure hybrid work and govern the use of emerging technologies, including AI. …
Let’s Encrypt rolls out 6-day and IP-based certificates
Let’s Encrypt says its short-lived TLS certificates with a 6-day lifetime are now generally available. Each certificate is valid for 160 hours from the time it is issued. To …
Confusion and fear send people to Reddit for cybersecurity advice
A strange charge appears on a bank account. An email claims a package is on the way. A social media account stops accepting a password that worked yesterday. When these …
Product showcase: PrivacyHawk for iOS helps users track and remove personal data from data brokers
Every interaction online, from signing up for a newsletter to making a purchase, leaves a trace. These traces are collected by data brokers and resold to advertisers, …
Privacy teams feel the strain as AI, breaches, and budgets collide
Privacy programs are under strain as organizations manage breach risk, new technology, and limited resources. A global study from ISACA shows that AI is gaining ground in …
Featured news
Resources
Don't miss
- Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
- TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
- Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585)
- Communicating cyber risk in dollars boards understand
- CVE Lite CLI: Open-source dependency vulnerability scanner