The following CIS Benchmarks and CIS Build Kits have been updated or recently released. The Center for Internet Security has highlighted the major updates below. Each Benchmark and Build... Read more »
Google has fixed 21 vulnerabilities affecting its popular Chrome browser, among them a zero-day (CVE-2026-5281) with an in-the-wild exploit. About CVE-2026-5281 As per usual, information about the fixed zero-day... Read more »
SentinelOne AI stopped a LiteLLM supply chain attack in seconds, blocking malicious code automatically without human intervention. SentinelOne’s AI-based security detected and blocked a supply chain attack involving a... Read more »
Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean threat activity cluster tracked as UNC1069. “We have attributed... Read more »
Most free Android VPNs track users, request dangerous permissions, and connect to risky servers, privacy comes at a hidden cost. Free VPN apps are some of the most popular... Read more »
Egnyte has announced two major additions to the Egnyte Content Cloud: AI Safeguards, which give organizations granular control over how AI interacts with sensitive content, and an AI Assistant... Read more »
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog,... Read more »
Most organizations running Microsoft 365 rely on native email controls as their primary line of defense. According to Mimecast research, 38% of organizations depend exclusively on those native controls... Read more »
Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A joint paper from the... Read more »
Machine learning models built to catch malware on Windows systems are typically evaluated on data that closely resembles their training set. In practice, the malware arriving on enterprise endpoints... Read more »
