Practically no one runs a single Kubernetes cluster in production these days. Maybe that’s how it started but data sovereignty requirements, acquisitions, AI initiatives and the need for edge servers, among other considerations, have pulled most enterprises into multi-cluster territory whether they planned for it or not.

With version 2.3.0, GitProtect brings the long-awaited support for Confluence, SharePoint, and shared mailbox backup. Speaking of DevOps stack protection, your repo copies now feature enhanced granularity and accelerated recovery with automated mapping. Release 2.3.0 also includes a number of stability and performance improvements. Below, you can find a detailed overview of the new features.

CVE-2026-0300 is a critical buffer overflow vulnerability in the User-ID Authentication Portal service, also known as Captive Portal, within PAN-OS. It allows unauthenticated remote attackers to send specially crafted packets and achieve arbitrary code execution with root privileges on affected PA-Series and VM-Series firewalls. The flaw stems from improper handling of input data in the authentication portal component, enabling out-of-bounds writes that corrupt memory and grant full system control.

Your app passed testing. CI/CD ran clean. The App Store approved it. Your security team signed off. Six weeks later, attackers are reverse-engineering the binary on rooted devices, injecting JavaScript into your runtime, and probing API endpoints your scanner never modeled. Nothing in the code changed. The threat environment did. This is the central problem of modern mobile application security, and it doesn't get fixed by adding more pre-release scanners.

Every time a user submits a form, uploads a file, or completes a transaction, that data has to live somewhere, and governments increasingly want that “somewhere” to be within their own borders. Data localization has moved from a niche regulatory concern to a core infrastructure decision for any organization operating across jurisdictions.

Most enterprise AI agent governance programs publish policies at the bottom three rungs of a runtime enforceability ladder while their architecture diagrams claim rung four. Almost no program reaches rung five, the only rung that produces evidence an auditor cannot dispute. The mismatch shows up in the audit committee meeting. The CISO walks in with the NIST AI RMF mapping, the AUP, the model cards, and the vendor risk assessments for every third-party API the agents call.

Most organizations have an incident response plan on file. Few have one that survives first contact with a real incident. Rigorous, recurring testing remains the exception, so most teams only discover their plan's failure points during an actual breach. That gap is expensive. Teams that lean on security AI and automation consistently contain breaches faster than those still running responses by hand.

A CNAPP isn’t a single instrument. It bundles five separately-instrumented security domains — CSPM, CWPP, CIEM, CDR, and a fifth add-on module marketed as AI security — each watching a different observation point. So when leadership asks whether your CNAPP can secure the AI agents your team has shipped, you don’t get one answer. You get five.

In the IT world, there is something quietly sinister about a bank holiday. It’s not the holiday itself – who doesn’t love a bank holiday – a long weekend, a reason to grill something in unpredictable weather, the particular pleasure of feeling like you’ve slipped a Monday… The sinister part is structural.