Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Dependency management is one of the biggest challenges in modern software development. Large projects often rely on dozens or even hundreds of libraries. Each one can introduce new vulnerabilities or even malicious code. Attackers sometimes upload fake packages to popular open-source repositories, hoping that build systems will download these packages automatically. This problem is made worse by transitive dependencies, where a single library might include several other libraries under the hood.

Implementing a business continuity plan is essential for reducing operational downtime, which subsequently minimises financial losses and maximises efficiency. Companies that invest in such planning gain a significant competitive edge, as readiness can spell the difference between survival and collapse during unforeseen challenges. Additionally, protecting your supply chain is a critical element, directly impacting customer satisfaction and long-term success.

Continuous Threat Exposure Management (CTEM) is gaining increasing recognition as a crucial component for mature cybersecurity programmes. Both Gartner and Forrester have highlighted CTEM as “a strategic imperative,” underscoring its importance in addressing modern cyber risks. This recognition is well founded, as demonstrated by recent cyberattacks on major organisations including Marks & Spencer, Co-op, Harrods, the NHS and American healthcare institutions.

Cyberattacks on healthcare providers are becoming alarmingly routine — and far more costly. In 2025, Weiser Memorial Hospital joined a growing list of medical institutions grappling with data breaches, compromising the personal and protected health information (PHI) of over 34,000 patients.

The overall defense industrial base is growing increasingly aware of the needs of modern information and cyber security. From recent major supply chain attacks to the constant threat of nation-state actors trying to compromise systems, it’s important to be committed to the best security you can implement, no matter where you are in the supply chain. One of the tools provided to you, and required by the Defense Federal Acquisition Regulation Supplement, is the SPRS.

Insights from Chris Dugan, Manager, Enterprise Account Development at Teleport If you're just starting out in sales, chances are you've come across the title “SDR” (Sales Development Representative) more times than you can count. But here at Teleport, we’ve rebranded our entire SDR function to something that better reflects the real work being done: Enterprise Account Development.

In an era where digital threats evolve faster than ever, cybersecurity isn't just a back-office concern — it's a critical business priority. At Cloudflare, we understand the responsibility that comes with operating in a connected world. As part of our ongoing commitment to security and transparency, Cloudflare is proud to have joined the United States Cybersecurity and Infrastructure Security Agency’s (CISA) “Secure by Design” pledge in May 2024.

Software composition analysis is a type of security testing that identifies the open-source and third-party components used in modern software. Historically, most applications were built entirely in-house. Today, however, with the widespread use of package managers, cloud-native development, and reusable code, developers rely heavily on external libraries and modules. In fact, open-source code makes up as much as 70–90% of the codebase for a single app.

Agentic AI-enabled ransomware is not here yet, but likely will be very soon. I am talking this year or by 2026. Here is why. What is Agentic AI? First, it helps to define what agentic AI is. To do that, we have to start by defining what Artificial Intelligence (AI) is…and doing that is a bit like trying to nail the proverbial Jello to a wall.

Business email compromise (BEC) attacks and funds transfer fraud (FTF) accounted for 60% of cyber insurance claims in 2024, according to a new report from Coalition. “Business email compromise is an event in which cyber criminals gain access to an organization’s email account to execute a cyber attack,” the cyber insurance provider explains. “Attackers often leverage email access to find sensitive data, including login credentials, financials, and other private information.