Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Why the next Log4Shell will be won or lost in the first 72 hours—and what a modern zero‑day workflow looks like. Every security team remembers where they were when Log4Shell dropped. A quiet Friday afternoon in December 2021 turned into a weekend of war rooms, emergency patches, and executive updates. Years on, the Log4j fallout still shows up in breach reports—a stubborn reminder that zero‑days don’t end when the news cycle does.

Over the past month, the cybersecurity community has published isolated reports detailing disparate attacks by the North Korean state-aligned threat group Shifty Corsair (also known as FAMOUS CHOLLIMA). While individual vendors have documented specific supply chain poisons or targeted spear-phishing campaigns, the Threat Fusion Cell (TFCTI) at BlueVoyant has synthesized these findings to reveal a much larger, coordinated offensive.

A global leader in point-of-care ultrasound and medical imaging solutions has transitioned to a dedicated KeyScaler-as-a-Service (KSaaS) environment, marking a significant step forward in its ability to scale securely, optimise performance, and gain deeper operational insight across its connected device ecosystem.

“ From AI-driven threats to identity-based attacks, CISOs are facing increasing pressure to manage risk while enabling business growth.“

AI agents are being deployed in the real world at pace. In the enterprise realm, they’re accessing APIs, shipping code, and running decisioning workflows on behalf of the organizations and individuals who deploy them. Entirely new businesses have sprung up, leveraging AI agents to streamline customer support and sales processes.

Security teams enter an asymmetric battle when adversaries freely use AI to wage attacks. The aggressors are armed with top-tier capabilities. Defenders hesitate to adopt AI they can't see, trust, or control. SecOps teams are drowning in alerts and outpaced by adversaries who are unafraid to automate everything. The solution isn't another dashboard or another AI chatbot offering recommendations.

On April 7, 2026, Anthropic fundamentally altered the AI landscape by announcing it would withhold its next-generation artificial intelligence (AI) model, Claude Mythos, from public release.

Ever wonder why you see ads for stuff you talked about, but never searched? Learn what’s happening. If you've ever mentioned something in passing and then seen an ad for it shortly after, you're not imagining things. Learn how ads can sometimes follow you from real life to your screen, and how secure browsers with built-in ad blockers can help you take back control of what you see online. Many people have had the experience of mentioning something casually and then seeing ads for it later.

Security doesn’t stop at the perimeter. The “inside” of your network often harbors many overlooked risks. To address this, ealier this year we launched Detectify Internal Scanning, designed to bring our world-class vulnerability research directly into your private ecosystems.

A new phishing campaign is using WhatsApp messages to deliver malware, according to researchers at Microsoft. The attackers are attempting to trick users into installing malicious Visual Basic Script (VBS) files. “The campaign relies on a combination of social engineering and living-off-the-land techniques,” Microsoft says.