Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In modern enterprise environments, identity has become the primary attack vector, but many organizations lack visibility into who has privileged access and whether that access is being misused. Without proper oversight, attackers may exploit legitimate credentials without triggering traditional security controls. According to Verizon’s 2025 Data Breach Investigations Report, credentials were involved in the majority of breaches analyzed.

As hybrid work becomes the standard, organizations need collaboration tools that simplify file access while maintaining governance and control over business-critical content. To better meet those needs, Egnyte expanded its Microsoft Teams integration to help your teams work more efficiently.

Cybersecurity operations were already becoming increasingly difficult to scale long before AI-driven and increasingly agentic attacks began accelerating the threat landscape. Customer environments continued expanding across endpoints, identities, cloud services, SaaS applications, remote users, and operational infrastructure. More environments created more telemetry, more coordination, and more operational complexity for teams already operating near capacity.

This week, Connie Loizos, editor in chief of TechCrunch, sat down backstage with Francis de Souza, COO of Google Cloud, for a piece on the state of enterprise AI security. The interview is worth reading in full. Three points in it should reshape how every CISO is thinking about the next twelve months.

A few weeks ago I was on a call with a financial services customer who had moved a credit-decisioning model into production on Red Hat OpenShift AI. They were happy with the platform. They were less happy with the answer they had for a question their risk officer had just asked: “If an attacker encrypts the cluster tomorrow, what do we need to bring back to be inference-ready by Monday morning?” The team started listing the obvious things — the model artifact, the serving endpoint.

The banking industry stands at a critical intersection of technology, security, and customer experience. As financial institutions navigate massive data volumes and increasingly sophisticated threats, they’re also trying to survive the digital transformation that’s made customer expectations higher than ever and trust more fragile than before.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Drupal last week and now another I completely forgot about: Ghost CMS.

This year's report shows how credential sprawl across DevOps, SaaS, CI/CD, the cloud, and developer laptops turns initial access into operational impact.

Cyber insurance claims surged by 40% over the past eighteen months, while ransomware payments have dropped by 44%, according to a new report from Cowbell Cyber. The three most common incident types were data breaches, cybercrime (including phishing and business email compromise), and extortion attacks (including ransomware).

With over 10 years of experience in implementing AI, KnowBe4 has a ton of agents on its platform which customers can use to significantly lower risk. They help to secure the digital workforce (humans + AI agents). But five of them, all based and driven by risk scoring metrics, have become my favorites.