Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI Supply Chain Risk: Scanning Vulnerabilities in ML Frameworks

A platform engineer at a mid-market fintech opens her SCA dashboard at the start of the quarter. The agentic customer-support pipeline her team shipped two months ago — a LangChain orchestrator, a vLLM inference server with two fine-tuned LoRA adapters pulled from Hugging Face, and an MCP toolkit wired to four internal APIs — shows green. Snyk has scanned every Python package in the container. Mend has cleared the dependency graph. The CVE count is zero.

Runtime-Informed Posture: What AI Agents Can Do vs What They Actually Do

A platform engineer pulls the AI-SPM dashboard for an agent that has been running in production six weeks. The static dashboard shows several dozen findings, severity-sorted by configuration weight. The runtime-informed dashboard shows a smaller, prioritized list — but a few of those findings do not appear on the static view at all, and most of the static findings appear demoted to a tier the static view does not have. Same agent. Same window. Same underlying configuration.

What Is a Fully Managed IT Solution?

A fully managed IT solution is a service model in which a third-party Managed Service Provider (MSP) takes complete ownership of an organization's entire IT environment, covering infrastructure management, cybersecurity, cloud services, help desk support, network monitoring, data backup, and strategic IT planning, all under a single predictable monthly contract. The provider proactively monitors, maintains, and secures your systems around the clock, resolving issues before they impact business operations.

What Is AI-SPM? AI Security Posture Management Explained

Every cloud security vendor launched an AI-SPM dashboard in the past year. Strip away the branding and most of them are presenting the same concept: a new posture management layer for AI workloads. Sit through four demos in the same week and a practical question surfaces. The dashboards look broadly similar — pie charts of findings, compliance tags, a list of AI assets, a severity ranking. Why, then, do the tools underneath cover completely different parts of the problem?

It's time to treat browser extensions like supply chain attack vectors

You would never install an application that can log into your Google docs, read your keystrokes in your browser, intercepts requests in transit, runs continuously, updates silently, AND could be powerful enough to steal your passwords, right? Well, this is more or less what browser extensions can do, and they create vulnerabilities that extend beyond one computer and or even one company.

DNS anomaly detection with machine learning: How ManageEngine DDI Central stops threats before they start

Most breaches don't announce themselves; they whisper. A subtly malformed DNS query here. A DHCP lease request that looks almost normal there. A client that suddenly requests a domain no one in your organization has ever heard of. By the time these whispers become alarms on a SIEM dashboard, attackers have often already moved laterally, exfiltrated data, or cemented persistence. In traditional DNS, DHCP, and IPAM (DDI) setups, these signals are buried under millions of legitimate transactions.

Token Bingo: Don't Let Your Code be the Winner

In early April 2026, Arctic Wolf began tracking a large-scale device code phishing campaign impacting organizations across multiple regions and sectors. Similar to the widespread “Riding the Rails” campaign first observed in late March by Huntress, the threat actors were observed abusing OAuth device code flow to trick victims into providing authentication codes and obtain initial access into victim environments.

Supply chain attacks hit Checkmarx and Bitwarden developer tools

Sophos X-Ops is aware of reports that two widely-used developer tools – the Checkmarx KICs security scanner and the Bitwarden CLI – were hijacked on April 22, 2026, to steal credentials from development environments. These attacks occurred within hours of each other and share the same command-and-control (C2) domain – potentially pointing to a single threat actor running a coordinated campaign. Both vendors have since reportedly contained the incidents.

From Data to Decisions: How CTI Is Evolving in 2026

Cyber Threat Intelligence is changing fast in 2026 as organisations face AI-powered threats, rising ransomware activity, and expanding digital attack surfaces. Modern CTI is no longer about collecting data, but delivering actionable insight that helps security teams make faster, smarter decisions. Technology is evolving fast, and so is the cyber threat landscape.

Solving Four Common Incident Response Mistakes That Delay Containment and Drive Up Costs

Organizations often lose precious hours and sometimes millions of dollars because they lack a well-defined and tested incident response plan. In many cases, response roles are loosely defined and disconnected from key stakeholders, including digital forensics teams, breach counsel, and cyber insurance providers. Even large organizations fall into this trap, resulting in delayed containment, inefficient recovery, and prolonged business interruption.