Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Running your own certificate authority sounds like the responsible choice for internal infrastructure. Distribute your root cert to every machine and issue certs internally. In practice, you spend the next six months chasing down every device, contractor laptop, and vendor console that didn’t get root installed. The warnings come back. And when they do, people click through them, because they always have. There’s a simpler path, and most teams don’t know it exists.

For organizations within the Defense Industrial Base (DIB), the Cybersecurity Maturity Model Certification (CMMC) 2.0 represents more than a regulatory hurdle. It is becoming a core requirement for doing business with the Department of Defense and for protecting sensitive information across the defense supply chain.

A highly critical SQL injection vulnerability in Drupal core has raised concerns across organizations running PostgreSQL-backed Drupal environments. Tracked as CVE-2026-9082, the vulnerability affects Drupal’s database abstraction layer and can be exploited remotely without authentication. The vulnerability was disclosed through Drupal security advisory SA-CORE-2026-004 on May 20, 2026. CVE-2026-9082 is now under active exploitation.

Brand impersonation protection is often evaluated by how quickly fake domains, cloned pages, scam ads, and impersonation assets can be removed. That metric matters, but it does not answer the more important security question: who was exposed while the asset was live, and what risk did that exposure create? Domain takedown reduces the life of an impersonation asset.

This article was originally published in Professional Security Magazine. Why are organizations still losing to phishing in 2026? Phishing has been the dominant attack vector for years. Despite this, organizations continue to be caught out by it. The UK government’s Cyber Security Breaches Survey 2026 confirms it remains the most prevalent and disruptive type of attack that businesses are facing. For those on the front line of incident response investigations globally, that finding is no surprise.

The era of "typing into a box" is over. For years, we viewed artificial intelligence as a digital assistant—a sophisticated autocomplete tool that waited for human input. But according to Martin Kraemer, KnowBe4’s CISO Advisor for Europe and the Middle East, that dynamic has shifted. We have moved from asking AI questions to giving AI jobs. In a recent deep-dive webinar, Martin explored the transition from AI tools to AI agents.

Threat actors are increasingly augmenting their attacks with AI tools, according to researchers at Google’s Threat Intelligence Group (GTIG). For the first time, GTIG observed a threat actor using a zero-day exploit developed by AI, although Google blocked the attack before it succeeded. Threat actors also continue to use Large Language Models (LLMs) for research, reconnaissance, and malware development.

In 2024, we talked to AI. In 2026, AI is talking to our systems, our customers, and increasingly, acting on our behalf. With AI agents, we are moving AI from a tool to an actor, from assistance to agency and from outputs to actions. And that changes the nature of risk. AI agents plan, execute, and interact with the world on our behalf. They send emails, move data, trigger workflows, and increasingly operate across systems without human intervention.

The dominant narrative around AI in security is one of emboldened defenders suppressing attackers. Yet, not everyone is convinced the future will be so rosy. In a recent Defender Fridays episode, Josh Neil, Co-founder and CTO of Alpha Level, made an argument that cuts against the celebratory mood: as AI makes known attack vectors harder to use, adversaries don't disappear. They adapt. For MSSPs and SOC teams, an adversary that looks like a user is a harder problem than one that looks like malware.

Higher education faces a unique challenge when it comes to managing sensitive data governance. Unlike a more centralized corporate environment, colleges and universities often operate across many semi-independent schools, departments, research groups, and administrative teams. Each may have its own systems, priorities, workflows, and level of security maturity. That structure is part of what makes higher education work. It supports research, academic flexibility, and departmental independence.