PackageGate bugs let attackers bypass protections in NPM, PNPM, VLT, and Bun

Koi researchers found “PackageGate” flaws in NPM, PNPM, VLT, and Bun that let attackers perform supply chain attacks and run malicious code. Security firm Koi uncovered a set of... Read more »

Fortinet expands FortiCNAPP with network, data, and runtime-aware risk prioritization

Fortinet announced new enhancements to FortiCNAPP that help organizations better understand and prioritize cloud risk beyond what many CNAPP solutions offer. By correlating cloud configuration, identity exposure, vulnerabilities, network... Read more »

Teleport’s Agentic Identity Framework protects AI agents in production environments

Teleport has unveiled the Teleport Agentic Identity Framework, an AI-centered framework that provides organizations with a roadmap for securely deploying agentic AI across production cloud and on-premises environments. The... Read more »

Volante’s Multi-cloud Resiliency Service keeps payments running during cloud outages

Volante Technologies announced the launch of its Multi-cloud Resiliency Service, engineered to keep financial institutions’ payment operations running seamlessly during major cloud provider outages. Built on Volante’s cloud-native payments... Read more »

Yubico extends hardware passkey deployment options

Yubico announced a significant expansion of YubiKey as a Service, introducing new capabilities that make modern organizations more agile and cyber resilient. With new Self-Service Ordering of YubiKeys enabled... Read more »

WhatsApp rolls out new security feature to protect users from sophisticated attacks

To add an extra layer of protection to its end-to-end encryption, WhatsApp has begun rolling out a new privacy and security feature called Strict Account Settings. It is designed... Read more »

Pondurance RansomSnare blocks file encryption and data exfiltration

Pondurance launched RansomSnare, a new module for its MDR service that halts ransomware attacks at the moment the malicious process attempts to encrypt files and prevents threat actors from... Read more »

Android just got smarter at stopping snatch-and-run phone thefts

Google announced updates to the Android theft protection features that expand existing safeguards and make stolen devices harder to use. These updates are available on Android 16 and later.... Read more »

CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities

CERT UEFI Parser, a new open-source security analysis tool from the CERT Coordination Center has been released to help researchers and defenders examine the structure of Unified Extensible Firmware... Read more »

Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom

Once a secret enters Git, it’s expensive to remediate. But the real problem runs deeper than cost. Grégory Maitrallain, Solution Architect at Orange Business, discovered this reality during their... Read more »
Subscribe to our Newsletter