Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

VMware vSphere and Microsoft Hyper-V are two of the most popular virtualization platforms. Each solution uses different virtual disk file formats for virtual machines. This means you need to convert virtual disk files when moving VMs between VMware and Hyper-V. For example, you may need to migrate VMs between hypervisors for testing. In other cases, you may need to change the format if you’ve chosen the wrong one when creating the VM. Hyper-V uses VHD and VHDX for VMs, while VMware uses VMDK.

In March 2026, researchers began linking a series of software supply-chain compromises to Replicating Marauder, the BlueVoyant Threat Fusion Cell (TFC) primary identifier for the actor publicly tracked elsewhere as TeamPCP. What made the campaign stand out was that trusted software was poisoned and one compromise repeatedly appeared to enable the next by exposing credentials, release paths, or Continuous Integration and Continuous Delivery or Deployment (CI/CD) trust relationships.

AI Pentesting is having a moment. Well, several moments, actually. Every other week, another vendor announces something, or another LLM-driven pentesting tool tops some benchmark on a target nobody's heard of, another deck claims a new "gold standard" being disrupted, at long last... It's been busy.

Sample of assets impacted by NGINX nginx-poolslip vulnerability, identified by the CyCognito Platform.

CVE-2026-48172 is an incorrect privilege assignment flaw in the LiteSpeed User-End cPanel Plugin that allows any authenticated cPanel user to execute arbitrary scripts as root. The bug sits in the plugin's lsws.redisAble function, which can be invoked through the standard cPanel JSON API to run code with elevated privileges instead of the calling user's own. The vulnerability carries a CVSS v4.0 base score of 10.0 (Critical).

The classic 'survey reward' scam is back and hitting harder than ever. KnowBe4 Threat Labs is tracking a massive, high-volume campaign that is not only impersonating a wide array of trusted global brands across retail, logistics, and healthcare, but is using hundreds of newly registered domains (NRDs) and sophisticated psychological priming to fly past traditional security defenses.

Researchers at Push Security have analyzed a phishing platform used by organized criminal threat actors like ShinyHunters and BlackFile, finding more than 400 domains linked to attacks launched by the phishing kit.

Most guidance published on AI agent security is written for enterprise organizations. It assumes dedicated AI security functions, red teams, platform engineering groups, and the budget to commission purpose-built tooling. If your security team is three people covering five hundred employees and a cloud environment that grows faster than you can document it, that guidance was not written for you. The five posts in this series have established the threat landscape.

In this exclusive fireside chat, Seemplicity CPO Ravid Circus and SANS instructor Jonathan Risto break down this critical distinction and why mastering it is vital as AI rapidly reshapes the cybersecurity threat landscape. Here’s a summary of what they covered. If you’ve been in security for any length of time, you’ve probably wondered whether exposure management is just vulnerability management with a fresh coat of paint.

A relationship manager asks the firm's AI assistant to "summarize my top wealth clients by AUM and flag anyone with a pending transfer over $500K." The agent calls a CRM MCP server, then a core banking MCP server, then a market data MCP server, and returns a clean answer in twelve seconds. Names, balances, account numbers, pending wire details, all rendered in plain text inside the chat window. No file moved. No email left the network. No DLP channel triggered.