vulnerabilities
Default Configurations, Dangerous Defaults, and ServiceNow's AI Agent Discovery
New research highlights the gap between how technology is designed to work and how it's actually safely operated.
AI-Powered Espionage Disclosure: Industry Questions Value of Anthropic's Postmortem
Anthropic's disclosure lacked important elements, which explains the professional criticism that erupted despite the postmortem's potential significance. And while the post is marketing for Anthropic, it also provides strategic threat context for security executives.
Invisible Gateways: The Hidden IoT Security Risk Threatening Organizations
Connected devices are changing how we work—but they’re also opening invisible gateways for attackers. In this article, Phillip Wylie breaks down how IoT vulnerabilities are being exploited and what organizations can do to close these unseen entry points.
F5 CEO Provides Update on Status of Nation-State Intrusion
The breach has triggered a reckoning with security blind spots that extend far beyond one company's network.
Reflections on the CVSS Keynote
Go talk to some VM teams, and you, too, will see what I see.
The Salesloft Drift Breach Exposes Critical Flaws in OAuth Implementations
For enterprise security teams already struggling with SaaS sprawl and third-party risk management, the Drift breach is a reminder that OAuth tokens—designed to enhance security by eliminating password sharing—are high-value targets.
Bolster Defense-in-Depth Strategies as Collaboration Platforms Face Escalating Threats
It’s their necessity for such accessibility that makes secure configuration especially challenging—and when a zero-day vulnerability emerges, the damage can be swift.
Real-World Penetration Testing Case Study | Red Team Lessons
How red teamers exploited a Jenkins flaw to take full control of a corporate network. Learn key lessons for enterprise defenders.