Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Our most significant release in years—a major leap forward in helping IT, security, and operations leaders build a more secure, accountable, and high-performing digital workplace.

On January 7, 2026, fixes were released for a maximum severity vulnerability (CVE-2026-21858) impacting n8n, a workflow automation application primarily used with artificial intelligence. Labeled “Ni8mare” by the researchers who discovered it, the vulnerability allows unauthenticated remote threat actors to take over locally deployed instances via publicly accessible webhook and form endpoints.

As AI agents become increasingly prevalent across business environments, their security is a pressing concern. Among the insidious threats facing AI agents is tool poisoning, a type of attack that exploits the way AI agents interpret and use tool descriptions to guide their reasoning. In this blog, we explain how AI tool poisoning works, the different forms it can take, and how organizations can strengthen their defenses against this type of attack.

Agentic AI is a stress test for non-human identity governance. Discover how and why identity, trust, and access control must evolve to keep automation safe.

In 2026, organizations are already managing attack surfaces that are larger, more fragmented, and more volatile than in previous years. As the year progresses, attack surfaces will continue to expand in scope and complexity, making them harder to secure consistently.

Domain takedown services are a familiar control for enterprises dealing with phishing, fake websites, and brand impersonation. When a spoofed domain appears, the instinctive response is to remove it as fast as possible. Security teams generally face a clear decision: handle takedowns internally using tools and SOC workflows, or rely on managed domain takedown services. What is less clearly understood is that this decision is not really about preference or maturity.

As cyber threats grow more sophisticated and persistent, traditional penetration testing methods, often conducted quarterly or annually, can miss key vulnerabilities and lack coverage. Continuous penetration testing enables organizations to identify and remediate vulnerabilities in real time, providing product and software teams with up-to-date insight and evidence to advance security and enhance regulatory compliance.

Egnyte is extremely powerful, allowing users to work from anywhere. Many users prefer working on a desktop because they rely on powerful desktop applications to create complex content. With Egnyte, administrators benefit from being able to configure the desktop experience for their users. To make it easier for administrators, we’ve improved what until now has been a manual configuration process.

Network devices that reach their End of Life (EOL) represent a significant risk that many organizations overlook. Beyond the lack of vendor support, they can become open doors for increasingly sophisticated attacks. A recent analysis by CSO reveals that two out of three security breaches originate from outdated firewalls and network devices -‒ with unpatched firmware and vulnerabilities that attackers know inside out.

ClickFix attacks have been around for decades; only the name is new. ClickFix attacks use social engineering to trick users into clicking on buttons and links that the user is told are needed so their browser or computer can perform some desired action.