%term

Stopping the Agentic Breach: How to Operationalize Your Defense Against Mythos-Speed Attacks

May 26, 2026 By Exabeam In Exabeam

The industry has spent the past few weeks focused on Claude Mythos Preview and the rise of autonomous offensive AI. As outlined in Claude Mythos, Project Glasswing, and the Machine-Speed Security Race, this shift is not only about faster attacks. The same AI-driven acceleration that helps attackers discover weaknesses faster can also help defenders validate exposure sooner. For security operations teams, the challenge is turning that strategic shift into action.

Read Post

Exabeam

Read more about Stopping the Agentic Breach: How to Operationalize Your Defense Against Mythos-Speed Attacks

Streamlining CMMC Compliance: How Bitsight Empowers the Defense Industrial Base

May 26, 2026 By Jake Olcott In BitSight

For organizations within the Defense Industrial Base (DIB), the Cybersecurity Maturity Model Certification (CMMC) 2.0 represents more than a regulatory hurdle. It is becoming a core requirement for doing business with the Department of Defense and for protecting sensitive information across the defense supply chain.

Read Post

BitSight

Read more about Streamlining CMMC Compliance: How Bitsight Empowers the Defense Industrial Base

CrowdStrike Named a Leader in Identity Threat Detection and Response

May 26, 2026 By Ryan Terry In CrowdStrike

Two recent industry reports validate CrowdStrike’s leadership in the identity threat detection and response (ITDR) market: Identity is the front line of modern cyberattacks. Today’s adversaries log in and use legitimate identities to move laterally, escalate privileges, and operate inside legitimate sessions as trusted users.

Read Post

CrowdStrike

Read more about CrowdStrike Named a Leader in Identity Threat Detection and Response

You probably don't need private PKI for internal infrastructure

May 26, 2026 By Todd H. Gardner In CertKit

Running your own certificate authority sounds like the responsible choice for internal infrastructure. Distribute your root cert to every machine and issue certs internally. In practice, you spend the next six months chasing down every device, contractor laptop, and vendor console that didn’t get root installed. The warnings come back. And when they do, people click through them, because they always have. There’s a simpler path, and most teams don’t know it exists.

Read Post

CertKit

Read more about You probably don't need private PKI for internal infrastructure

Disrupting Glassworm: Inside CrowdStrike's Takedown of a Developer-Targeting Botnet

May 26, 2026 By Counter Adversary Operations In CrowdStrike

On May 26, 2026, at 14:00 UTC, the CrowdStrike Counter Adversary Operations team executed a coordinated takedown of the Glassworm botnet, a global threat targeting software developers through the open-source supply chain. In collaboration with Google and the Shadowserver Foundation, we struck all four of Glassworm's command-and-control (C2) channels simultaneously, severing the operators from their infected machines and their ability to deliver new malicious payloads.

Read Post

CrowdStrike

Read more about Disrupting Glassworm: Inside CrowdStrike's Takedown of a Developer-Targeting Botnet

Ep 44: You can't vibe code your way through a production outage

May 26, 2026 By Sumo Logic, Inc. In Sumo Logic

In this episode of Masters of Data, we tackle one of tech's buzziest debates: vibe coding versus production-ready software. We break down where AI-assisted "just make it work" coding genuinely shines (think POCs, prototypes, and getting stakeholder buy-in fast) and where it falls dangerously short when someone tries to ship it to ten thousand enterprise users. We also dig into David's agentic engineering workflow, security risks like malicious MCP servers and supply chain attacks, and why turning a vibe-coded prototype into real software still takes months, not days. Bottom line.

View Video

Sumo Logic

Read more about Ep 44: You can't vibe code your way through a production outage

May 26, 2026 Emerging Threats Weekly

May 26, 2026 By Kroll In Kroll

This week’s briefing covers: Dive deeper.

View Video

Kroll

Read more about May 26, 2026 Emerging Threats Weekly

Introducing the Detectify MCP Server to connect security intelligence into your AI workflows

May 26, 2026 By Detectify In Detectify

We are launching the Detectify MCP Server to deliver real-time vulnerability data and attack surface insights directly into your AI-powered workflows. Built for developers and AppSec teams using Claude Code, Cursor, ChatGPT, and Claude Desktop, it delivers security data straight to your AI assistants via a remote-hosted server, giving you hacker-proof guardrails without adding anything new to deploy or maintain.

Read Post

Detectify

Read more about Introducing the Detectify MCP Server to connect security intelligence into your AI workflows

The New Perimeter in Retail: Turning ZTNA Visibility into App Innovation

May 26, 2026 By Netskope In Netskope

Currys shares its ongoing implementation of zero trust network access (ZTNA) to embed true zero trust principles across the retailer’s application landscape. Full configuration will conclude next year, but the initial rollout for applications has already yielded positive results. Netskope provides deep insight into user behavior, identifying when users attempt to access unknown or unsanctioned applications.

View Video

Netskope

Read more about The New Perimeter in Retail: Turning ZTNA Visibility into App Innovation

Veracode's 20th Anniversary: Two Decades of Data Powering the Future of Software Security

May 26, 2026 By Natalie Tischler In Veracode

Twenty years ago, the idea of continuously scanning software for vulnerabilities at scale was ambitious. Today, it’s essential. As Veracode marks its 20th anniversary, we’re not just looking back at what we’ve built; we’re looking forward at what the data tells us about where software security needs to go next. And the data says a lot.

Read Post