Ransomware activity peaks outside business hours
Intrusions continue to center on credential access and timed execution outside standard business hours. The Sophos Active Adversary Report 2026 analyzes 661 incident response …
The CISO role keeps getting heavier
Personal liability is becoming a routine part of the CISO job. In Splunk’s 2026 CISO Report, titled From Risk to Resilience in the AI Era, 78% of CISOs said they are concerned …
Industrial networks continue to leak onto the internet
Industrial operators continue to run remote access portals, building automation servers, and other operational technology services on public IP address ranges. Palo Alto …
The $19.5 million insider risk problem
Routine employee activity across corporate systems carries an average annual cost of $19.5 million per organization. That figure comes from the 2026 Cost of Insider Risks …
Open-source security debt grows across commercial software
Open source code sits inside nearly every commercial application, and development teams continue to add new dependencies. Black Duck’s 2026 Open Source Security and Risk …
Cyber valuations climb as capital concentrates, AI security expands
Venture funding in cybersecurity continued to concentrate in large private rounds at the end of 2025, driving valuations higher across stages. Data from DataTribe shows total …
Edge systems take the brunt of internet-wide exploitation attempts
Internet-facing VPNs, routers, and remote access services absorbed sustained exploitation attempts throughout the second half of 2025, with nearly 3 billion malicious sessions …
Security and complexity slow the next phase of enterprise AI agent adoption
Enterprise AI agents are embedded in routine business processes, particularly inside engineering and IT operations. Many organizations report active production deployments, …
Enterprises are racing to secure agentic AI deployments
AI assistants are tied into ticketing systems, source code repositories, chat platforms, and cloud dashboards across many enterprises. In some environments, these systems can …
Identity verification systems are struggling with synthetic fraud
Fake and expired IDs keep showing up in routine customer transactions, from alcohol purchases to credit card applications. The problem shows up most often in industries that …
Quantum security is turning into a supply chain problem
Supplier onboarding, invoice processing, and procurement platforms run on encrypted data flows that were built for long-term trust. In many organizations, that trust still …
Public mobile networks are being weaponized for combat drone operations
On June 1, 2025, Ukraine launched a coordinated drone strike on five airfields inside Russia, disabling or destroying aircrafts. The attack involved more than 100 drones …