Latest Posts

From Spend to Impact: Fixing the Disconnect in U.K. Supply Chain Security

Jan 7, 2026 By Robert Hannigan, Chairman of International Business In BlueVoyant

In today's hyperconnected economy, supply chains are no longer just operational backbones; they are strategic lifelines, shaping resilience, competitiveness, and innovation across industries. Yet for many U.K. organisations, these lifelines are becoming increasingly fragile. The most recent iteration of our global supply chain defence research indicates that - despite pouring significant resources into third party risk management (TPRM) programs and embracing new technologies to shore up their supply chain defences - U.K. businesses continue to face a high rate of supply chain breaches.

Read Post

BlueVoyant

Read more about From Spend to Impact: Fixing the Disconnect in U.K. Supply Chain Security

Acronis Appoints Jo Holliday as General Manager for United Kingdom and Ireland

Jan 7, 2026 By Acronis In Acronis

Seasoned channel and revenue leader to accelerate growth and deepen partner impact across the UK and Ireland.

Read Post

Acronis

Read more about Acronis Appoints Jo Holliday as General Manager for United Kingdom and Ireland

Cloudflare publishes fifth annual Impact Report

Jan 7, 2026 By Cloudflare In Cloudflare

Report details key milestones in helping secure democratic elections worldwide, protect independent journalism and non-profits from AI scraping, and create a more sustainable Internet.

Read Post

Cloudflare

Read more about Cloudflare publishes fifth annual Impact Report

Exploiting Monsta FTP: Technical Analysis of CVE-2025-34299

Jan 7, 2026 By foresiet In Foresiet

CVE-2025-34299 is a critical vulnerability in Monsta FTP, a web-based file transfer tool, unauthenticated arbitrary file write via remote download leading to remote code execution (RCE). Affecting versions 2.11 and earlier, it enables attackers to upload malicious files via a crafted SFTP or FTP connection, compromising servers without credentials. This flaw has seen active exploitation through opportunistic scans. By January 2026, Vulnerable instances remain exposed.

Read Post

Foresiet

Read more about Exploiting Monsta FTP: Technical Analysis of CVE-2025-34299

Cyber Threat Intelligence Report: Top 4 Malware Targeting Finance

Jan 7, 2026 By Emma Stevens In BitSight

The finance sector continues to face sustained and evolving cyber threats driven by the high value of financial data, credentials, and transactional access. Malware remains one of the most common and effective mechanisms used to compromise financial institutions, payment platforms, and end users, enabling fraud, data theft, and operational disruption.

Read Post

BitSight

Read more about Cyber Threat Intelligence Report: Top 4 Malware Targeting Finance

Best Kubernetes & Container Security Dashboards: Top 8 Tools for 2026

Jan 7, 2026 By Jonathan Kaftzan In ARMO

What is a Kubernetes security dashboard? A visual interface showing your clusters’ security state—what’s vulnerable, what’s under attack, and what to fix first. Different from general dashboards like Lens or Rancher, which focus on cluster management rather than threat detection. Why do most security dashboards fail? They create more work. Alerts are siloed across tools, forcing hours of manual correlation.

Read Post

ARMO

Read more about Best Kubernetes & Container Security Dashboards: Top 8 Tools for 2026

6 Best Runtime API Security Tools for Kubernetes & Cloud-Native Environments in 2026

Jan 7, 2026 By Jonathan Kaftzan In ARMO

Why isn’t your API gateway enough? Gateways control access; WAFs block known signatures. Neither sees what happens at the application layer—where SQL injection executes, where SSRF reaches your metadata service, where lateral movement begins. Runtime security monitors live behavior, not just perimeter traffic. What’s the real problem with API security tools? Most see only one layer. API security sees traffic patterns. Container security sees process execution.

Read Post

ARMO

Read more about 6 Best Runtime API Security Tools for Kubernetes & Cloud-Native Environments in 2026

What Windows 10 end of support means for OT environments

Jan 7, 2026 By Lee Pender In Acronis

When Microsoft ended support for mainstream Windows 10 in October 2025, there was panic in many industries. Fearing that Windows 10 would be unprotected and therefore exposed to cyberthreats, organizations raced to migrate to Windows 11. But in operational technology (OT) environments, that narrative is a little misleading. Upgrading prematurely can introduce far greater operational risk than staying on a well-controlled Long-Term Servicing Channel (LTSC) platform.

Read Post

Acronis

Read more about What Windows 10 end of support means for OT environments

The Versioning Ghost: Why OS Context is the Missing Coordinate

Jan 7, 2026 By Amit Agam In Seal Security

In the world of Software Composition Analysis (SCA), we often treat the tuple of (package_name, version) as a unique identifier. For example, given an NPM package angular version 1.8.0 - we would know precisely which source code was used, and what vulnerabilities affect that version.It is a common misconception that a package version maps directly to a fixed set of source code and, by extension, a static vulnerability profile.

Read Post