Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Mitigating Attacks Before They Impact Infrastructure: Link11 provides next generation network DDoS protection

Link11, a leading European provider of cloud-based cybersecurity solutions, today announced the launch of its completely rebuilt Layer 3/4 DDoS mitigation solution, designed to address the growing complexity of modern network attacks. Today's DDoS attacks are not just simple volume or protocol attacks anymore. They can originate from compromised devices within trusted and legitimate networks, mimic real traffic, and appear in short, high-intensity bursts that leave little time for manual response.

And another one. GitHub ships break-glass credential revocation

Last week, GitHub released self-service credential revocation for Enterprise. The feature lets organization owners cut off compromised credentials across the entire organization in one action instead of trying to track down individual tokens during an active incident. This fix was a long time coming, as the past few months have shown what happens when revocation is slow or incomplete.

DuneSlide: Two Critical RCE vulnerabilities via Zero-Click Prompt Injection in Cursor IDE

Cato AI Labs has discovered two critical remote code execution (RCE) vulnerabilities in Cursor IDE, the popular development environment which, according to Cursor, is used by over half of the Fortune 500. Both RCE vulnerabilities, which we refer to as “DuneSlide,” achieved a 9.8 CVSS score, and involve breaking out of the IDE’s sandbox environment and were assigned CVE IDs CVE-2026-50548 and CVE-2026-50549.

Why Low-And-Slow Attacks Look Normal

Low and slow attacks look normal because they are intentionally distributed into small, permissible actions that avoid detection thresholds. Each step appears legitimate on its own, which prevents detection systems from recognizing the overall progression. The issue is not that security teams lack telemetry. The issue is that traditional detection often evaluates activity in fragments. When each action stays below a rule or threshold, the broader pattern can remain invisible.

LogRhythm SIEM July 2026 Release: Accelerating Investigations and Expanding Visibility

The LogRhythm SIEM July 2026 release adds new investigation workflow features, expands automation for administration and archiving, and broadens telemetry coverage across cloud, identity, collaboration, endpoint, and email environments. Organizations running on-premises and hybrid environments often need tight control over data to meet sovereignty and operational requirements.

What's New in New-Scale July 2026: AI Agents Need More Than Guardrails

Exabeam expands Behavior Intelligence to address risks introduced by agentic AI. This release introduces open-source projects for agent verification and telemetry, expanded AI observability with Anthropic Claude support, more than 50 new Agent Behavior Analytics (ABA) detections (bringing total to 90), Exabeam Nova Content Creator, and OWASP Agentic Top 10 coverage scoring in Outcomes Navigator, enabling teams to continuously verify, observe, analyze, and improve AI agent security.

How State Governments Can Navigate the Resource Crunch and Achieve Resiliency

The 2026 NASCIO-Deloitte Cybersecurity Study reveals a stark reality for CISOs in state governments: while cyber threats are growing in both sophistication and volume, the resources available to combat them are failing to keep pace. As foreign adversaries and cybercriminals weaponize AI to probe for vulnerabilities, state CISOs find themselves at a critical juncture, navigating expanding responsibilities amidst tightening budgets.

Shadow AI Is Not Shadow IT With a Better Marketing Budget

I saw a venn diagram on social media. One circle is Shadow IT, one circle is Shadow AI, a substantial overlap, and the implicit message is that they are effectively the same challenge. They aren’t and that the assumption can lead to many problems. Looking back, shadow IT was like watching a crash in slow-motion. Employees using technology IT hadn't sanctioned. Personal Dropbox accounts. Unofficial Slack workspaces.

Phishing Exposes Employee Data at 86% of Fortune 100 Companies

A new report from SpyCloud has found that phishing attacks have exposed employee data at 86% of Fortune 100 companies over the past 12 months, with the technology, airline and automotive sectors being hit the hardest. The researchers also found that 78% of organizations experienced an increase in phishing volume over the past year. Additionally, 84% of respondents named AI-assisted phishing as their top concern, followed by business email compromise (BEC) attacks.

Top Enterprise AI Adoption Challenges

AI today has moved beyond experimentation. In the modern age, enterprises are embedding AI across various aspects of their businesses, including customer support, document processing, software development, healthcare, financial services, and decision-making workflows. According to a recent McKinsey report, 88% of businesses use AI in at least one business function. This reflects how AI is now becoming the center of several enterprise operations.