%term

How Aurora Vulnerability Management Provides Asset Visibility, Risk Prioritization, and Remediation

May 23, 2026 By Arctic Wolf Networks In Arctic Wolf

In this demo, we will see how Aurora Vulnerability Management helps organizations discover and categorize assets, prioritize risks, and take action to remediate and patch vulnerabilities.

View Video

Arctic Wolf

Read more about How Aurora Vulnerability Management Provides Asset Visibility, Risk Prioritization, and Remediation

Supply Chain Attack Targets Laravel-Lang Packages with Credential Stealer

May 23, 2026 By Ilyas Makari In Aikido

On May 22, 2026, we detected an active supply chain attack against Laravel-Lang. We filed a report with the maintainers immediately. The attacker published malicious version tags across three widely used repositories, injecting credential-stealing code that loads automatically via composer’s autoloader feature. What makes this particularly sneaky is that the malicious code was never committed to the official repos at all.

Read Post

Aikido

Read more about Supply Chain Attack Targets Laravel-Lang Packages with Credential Stealer

Deploying AI Agents to Production Kubernetes: A Security Checklist for Platform Teams

May 23, 2026 By Ben Hirschberg In ARMO

Your platform team already runs a production-readiness review on every workload that ships to Kubernetes. When the workload is an AI agent, the PRR doesn’t get thrown out — it gets a delta. Most of the items still apply; specific ones need extension when the workload is non-deterministic, calls tools dynamically, and exercises identity at runtime in ways the manifest didn’t predict.

Read Post

ARMO

Read more about Deploying AI Agents to Production Kubernetes: A Security Checklist for Platform Teams

Running the Inverted Offensive Campaign with Adam Karcher

May 23, 2026 By Rubrik In Rubrik

- What happens when the adversary’s dwell time is measured in years, but your defense is measured in tickets? Adam Karcher, FBI Supervisory Special Agent, Cyber Division, and a member of the Bureau’s AI Working Group, joins the show to break down the "convergent evolution" of modern cyber threats. Karcher explains why defenders are often stuck in a cleanup cycle, while threat actors operate in a sophisticated, compartmentalized ecosystem that requires a fundamental shift in defensive strategy.

View Video

Rubrik

Read more about Running the Inverted Offensive Campaign with Adam Karcher

How to Threat Model AI Agents in Kubernetes: A Practical Framework

May 23, 2026 By Yossi Ben Naim In ARMO

Most threat modeling assumes the attacker has to break something. AI agents change that assumption. An attacker who controls a prompt can make the agent misbehave without breaking anything at all. The prompt can be a customer support ticket the agent reads, a document it retrieves, or a tool response it processes — any input the agent treats as context is an attack surface. On Kubernetes, that attack surface has physical form.

Read Post

ARMO

Read more about How to Threat Model AI Agents in Kubernetes: A Practical Framework

Solving Common DSPM Challenges for Enterprises

May 22, 2026 By Cyberhaven In Cyberhaven

Most data security posture management (DSPM) programs don't fail because the technology is wrong. They fail because of execution gaps, from incomplete data inventory to misclassified data at scale to fragmented cloud environments and teams stretched too thin to act on findings. However, each of these problems is predictable, and each has a known fix.

Read Post

Cyberhaven

Read more about Solving Common DSPM Challenges for Enterprises

Securing AI agents: Why guardrail placement is a key design decision

May 22, 2026 By Yuki Matsuzaki In Datadog

When teams start building AI agents, especially with managed systems like Amazon Bedrock, they often wonder whether simply enabling guardrails is enough to secure their agents. A framework like Amazon Bedrock Guardrails provides a solid foundation for content filtering and policy enforcement, but having guardrails in place is only part of the equation.

Read Post

Datadog

Read more about Securing AI agents: Why guardrail placement is a key design decision

Secure AI Agents in Your SaaS Stack

May 22, 2026 By CrowdStrike In CrowdStrike

AI agents have API access, OAuth permissions, and autonomous workflows across your SaaS apps. Traditional security controls weren’t built for non-human identities. Falcon Shield gives you visibility into AI agent identities across your SaaS environment.

View Video

CrowdStrike

AI
Security

Read more about Secure AI Agents in Your SaaS Stack

Drupal Core SQL Injection Vulnerability (CVE-2026-9082)

May 22, 2026 By Theklis Stefani In Sentrium

In May 2026, the Drupal Security Team disclosed a critical SQL injection vulnerability affecting Drupal core. The issue, tracked as CVE-2026-9082, affects Drupal installations using PostgreSQL and has been assigned a Drupal security risk rating of 23/25. The vulnerability can be exploited by anonymous users, and Drupal has confirmed that exploit attempts are being detected in the wild.

Read Post

Sentrium

Read more about Drupal Core SQL Injection Vulnerability (CVE-2026-9082)

Should You Pay Ransomware Demands? (The Honest Answer)

May 22, 2026 By Razorwire Cybersecurity In Razorthorn

Should organisations pay ransomware demands? Canvas recently paid after a breach exposed student data. Now US Congress is questioning whether payments should be illegal. In this episode of Razorwire Raw, James Rees tackles the ransomware payment dilemma. Ransomware groups operate like commercial organisations - if they don't honour agreements to delete data after payment, nobody would pay them. Some negotiators have been caught telling attackers what insurance payouts will cover.