%term

How does Sisense stay on top of API Attacks?

Apr 2, 2026 By Salt Security In Salt Security

Sisense powers analytics experiences inside the applications businesses rely on every day. As an API-first platform, securing those connections is critical, especially as AI agents increasingly operate through APIs to access data and trigger workflows. In this conversation, Sangram, CISO and VP of IT at Sisense, and Michael Callahan, CMO at Salt Security, discuss how Sisense approached API security strategically to protect their platform, maintain customer trust, and support innovation in the Agentic AI era.

View Video

Salt Security

Read more about How does Sisense stay on top of API Attacks?

4 steps teams can take to mitigate Iranian cyberattacks on critical infrastructure

Apr 2, 2026 By Xona In Xona

COMMENTARY: When the United States and Israel launched coordinated strikes against Iran on February 28, the security community mobilized around the visible response. I’ve watched that response for two weeks: teams tracking hacktivist DDoS campaigns, incident counts climbing, news coverage following close behind.

Read Post

Xona

Read more about 4 steps teams can take to mitigate Iranian cyberattacks on critical infrastructure

Weathering the Attacker's Perfect Storm with Agentic AI-Powered SecOps

Apr 2, 2026 By Securonix In Securonix

The cybersecurity landscape is facing its own perfect storm: AI-powered attacks coupled with resource constraints and regulator pressure, demanding a fundamental shift in SecOps to rise above. With AI showing no signs of slowing down, these issues are not fleeting. They are here to stay, and it is our responsibility to meet them head-on with efficient, AI-powered solutions that allow SecOps teams to conquer the world’s most innovative attacks.

Read Post

Securonix

Read more about Weathering the Attacker's Perfect Storm with Agentic AI-Powered SecOps

What major cyberattacks reveal about the cost of slow recovery

Apr 1, 2026 By Sharon Natasha Francis In ManageEngine

Cyberattacks often succeed not because they are sophisticated but because organizations lack reliable backups or struggle to restore data quickly. When recovery is slow, even minor disruptions can escalate, providing attackers with the time and leverage they need to deploy ransomware and halt operations. When systems go down, every minute of downtime results in operational disruption, a drop in revenue, and lost customer trust.

Read Post

ManageEngine

Read more about What major cyberattacks reveal about the cost of slow recovery

Axios npm package compromise: What happened, what matters, and how to respond

Apr 1, 2026 By Tanium In Tanium

Attackers carried out a supply chain compromise by abusing a compromised npm maintainer account to publish malicious Axios versions (axios@1.14.1 and axios@0.30.4). These releases introduced an unexpected dependency, plain-crypto-js@4.2.1, which attempted platform-specific malware execution via an npm lifecycle script during installation on Windows, macOS, and Linux.

Read Post

Tanium

Read more about Axios npm package compromise: What happened, what matters, and how to respond

Recommendations for companies to avoid being victim to a cyber attack.

Apr 1, 2026 By CISO Global In CISO Global

Joseph Hall, Threat Intel Expert, talks with host, Gary Perkins and shares useful tips for companies to avoid being owned.

View Video

CISO Global

Read more about Recommendations for companies to avoid being victim to a cyber attack.

The Sword Has Been Drawn: What DarkSword's Expansion in the Wild Means for Mobile Security and the Enterprise

Apr 1, 2026 By David Richardson In Lookout

The last few weeks have marked a chaotic turning point in the mobile threat landscape. We’ve seen mass exploitations across numerous iOS versions by multiple threat actors, driven by sophisticated exploit chains like Coruna and now DarkSword. What makes these threats different is not just their activity, but their trajectory. Until recently, these capabilities were expensive, highly secretive, and limited to a small number of advanced actors. Now, that dynamic has shifted rapidly.

Read Post

Lookout

Read more about The Sword Has Been Drawn: What DarkSword's Expansion in the Wild Means for Mobile Security and the Enterprise

Poisoned Axios: npm Account Takeover, 50 Million Downloads, and a RAT That Vanishes After Install

Mar 31, 2026 By Tom Abai In Mend

On March 30-31, 2026, threat actors published two malicious versions of the popular HTTP library axios (versions 1.14.1 and 0.30.4) to the npm registry. Both versions included a new dependency named plain-crypto-js which, in its 4.2.1 release, contained a fully-featured cross-platform dropper that silently installed a Remote Access Trojan (RAT) on developer machines.

Read Post

Mend

Read more about Poisoned Axios: npm Account Takeover, 50 Million Downloads, and a RAT That Vanishes After Install

Introducing Programmable Flow Protection: custom DDoS mitigation logic for Magic Transit customers

Mar 31, 2026 By Anita Tenjarla In Cloudflare

We're proud to introduce Programmable Flow Protection: a system designed to let Magic Transit customers implement their own custom DDoS mitigation logic and deploy it across Cloudflare’s global network. This enables precise, stateful mitigation for custom and proprietary protocols built on UDP. It is engineered to provide the highest possible level of customization and flexibility to mitigate DDoS attacks of any scale.

Read Post

Cloudflare

Read more about Introducing Programmable Flow Protection: custom DDoS mitigation logic for Magic Transit customers

Supply Chain Attack Impacts Widely Used Axios npm Package

Mar 31, 2026 By Andres Ramos In Arctic Wolf

The widely used Axios npm package, a JavaScript library that enables applications to make HTTP/S requests and is included as a dependency in millions of applications, was compromised in a supply chain attack on March 31, 2026 (UTC).

Read Post