Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In the last few years, many of the largest data exposures haven’t come from broken pages or leaked databases. They’ve come from APIs. Public reports around large-scale scraping incidents at companies like Meta and LinkedIn showed how exposed APIs, not traditional web flaws, were used to pull massive volumes of user data at scale. This isn’t an edge case anymore. APIs now sit at the center of how enterprises move data between applications, partners, and customers.

As per Verizon’s 2025 DBIR, system intrusion, social engineering, and web application attacks form: This makes web applications one of the most common and important egress points into your business systems and customer data, and that’s why even a single undetected vulnerability here can cascade into revenue-devouring breaches, hefty compliance violations, and reputational damage that may as well take years to repair.

As we step into 2026, Bitsight researchers are closely watching key developments across the cyber risk landscape. Their insights reveal a dynamic tension between rising threats and new opportunities to strengthen defenses. Here's what they predict for the year ahead, and what security teams should be prepared to navigate.

Attackers are increasingly abusing network misconfigurations to send spoofed phishing emails, according to researchers at Microsoft. This technique isn’t new, but Microsoft has observed a surge in these attacks since May 2025. “Phishing actors are exploiting complex routing scenarios and misconfigured spoof protections to effectively spoof organizations’ domains and deliver phishing emails that appear, superficially, to have been sent internally,” the researchers write.

The VMware virtual machine disks consolidation is needed error usually appears when snapshots fail to merge correctly with the main virtual disk. This problem often occurs after incomplete backups, canceled snapshot deletions, or low storage space. Left unresolved, it can slow down your VM or even risk data corruption. Read this blog to learn why the virtual machine consolidation needed status occurs and how to resolve it safely.

Following the recent cyberattack on Endesa, one of Spain’s largest electricity and gas providers, Outpost24’s threat intelligence team has compiled a comprehensive analysis of the incident based on publicly available evidence from underground forums, leaked dataset listings, and the threat actor’s own statements.

The persistence of decades-old technology in industrial settings is a fact of life. Operational technology (OT) environments in factories, power plants and critical infrastructure facilities are studded with industrial PCs running operating systems that the corporate IT world retired years ago.

By Omry Farajun, President and CEO, Storage Guardian Storage Guardian, in partnership with Acronis, has launched the Incident Response Planner to help organizations meet CIS Control 17 – Incident Response Management. The solution uses out-of-band SMS communication and predefined response templates to rapidly engage key stakeholders, host a centralized incident response plan and execute validation drills and tabletop exercises with confidence.

A leading insurance and asset management company was hit by a large-scale data breach, impacting more than four million customer and employee records and resulting in widespread media attention. Through an accelerated response with emergency call center support, a dedicated support website and expedited notice mailing, Kroll’s Breach Notification services ensured the business was able to take quick and decisive action following this globally significant security event.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! You might want to get on to this…