
Braintrust's Ankur Goyal: Code review doesn't cover prompts

Zero-Shot Learning is a podcast about how AI gets built, secured, and deployed. Hosted by Nancy Wang, 1Password CTO, and Dev Tagare, Senior Director of Engineering at Google, it’s a builder’s view of the architecture and the decisions it takes to ship with AI.

Everything you need to know for a career in cybersecurity

So, you want to be a cybersecurity analyst. With the rise in high-profile data breaches, privacy concerns and rapid technological advancements, there’s a greater demand for cybersecurity analysts now. And the demand for cybersecurity analysts is only expected to grow. But before you get too far into pursuing this job, let’s look into the basics of this profession. Below, we answer the most frequently asked questions about becoming a cybersecurity analyst.

Phone Bombing Attacks 2026: A Complete Guide

If your phone has not stopped buzzing for twenty minutes, you may be facing a synchronized disruption tactic called a “bombing” attack. In the 2026 cybersecurity landscape, flooding an endpoint with many requests is not just a nuisance; it is a weaponized operational strategy. Whether an SMS bomber script targets a person or bot networks drive up a business’s API bills, the exploit works the same way.

What the Black Hat NOC taught me about MCP & agentic SOCs (Chapter 1 of 4)

The first time an MCP (Model Context Protocol) server felt real to me, it wasn't because of a clean demo. It was because of the noise. TL;DR: The harness matters more than the protocol, and the evidence matters more than both. MCP earns its keep when it shortens the path from a good security question to trustworthy evidence, and almost everything interesting about making that work happens in the harness wrapped around the model. In this series, I will cover how to build an MCP for an AI SOC.

Brace Yourself: Denial-of-Service in a Billion-Download Dependency

brace-expansion is a very popular npm package with over 38 billion all-time downloads (yeah, over 38,000,000,000) and is used by tooling almost every JavaScript project relies on - eslint, glob, and npm itself. Despite being in the public eye for a while, we found a new Denial-of-Service vulnerability that could affect millions. This post walks through what the package does, existing issues that were fixed, and the new one we found - CVE-2026-13149.

Critical Remote Code Execution Vulnerability in libssh2 Client Library Requires Urgent Mitigation

A suite of severe vulnerabilities has been disclosed in libssh2 (an SSH client library widely embedded in software such as curl, Git GUI clients, PHP, backup tools, and many IoT/embedded devices). The most critical, CVE-2026-55200 (CVSS 9.2/9.8), is a memory corruption bug in libssh2’s ssh2_transport_read() triggered by a malicious SSH server pre-authentication via a crafted packet_length.

How KeeperMSP Simplifies Multi-Tenant Security

For Managed Security Service Providers (MSSPs), managing cybersecurity programs across multiple client environments can be a daunting task. Context-switching between isolated client accounts, enforcing access policies at scale and ensuring that no vulnerability in one environment affects another demonstrate the ongoing challenges of multi-tenant security.

CVE-2026-48558: Critical Authentication Bypass Vulnerability in SimpleHelp RMM Exploited for Credential Theft and Malware Delivery

CVE-2026-48558 is a critical authentication bypass vulnerability in SimpleHelp Remote Monitoring and Management (RMM) software, caused by improper validation of OpenID Connect (OIDC) token signatures. When OIDC is configured with group-authenticated login settings, unauthenticated attackers can forge identity tokens to bypass multi-factor authentication and gain privileged technician-level access to vulnerable SimpleHelp servers — without valid credentials.