Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Looks like this problem hasn’t gone away from last year. Seems money makes it persistent. Surprised?

Editor's note: The following guest contribution is by Tanium Domain Acrchitect, Jim Kelly Think about your last security event. Was your team confident nothing was missed? Were there questions about where else this could have left persistence? Most often we are left with uncertainty. That uncertainty can show up in every serious incident. An alert fires, the SOC responds. The immediate threat looks like it is contained.

Securonix Threat Research analyzed a stealthy, multi-stage malware intrusion chain utilizing an obfuscated batch script (non.bat) to deliver multiple encrypted RAT shellcode payloads corresponding to XWorm, XenoRAT, and AsyncRAT.

Ecommerce platforms represent one of the most consistently targeted areas of the modern digital estate. They process payment data, store personal information, integrate with logistics and marketing systems, and underpin revenue for many large businesses. The combination of financial value and sensitive data makes ecommerce security vulnerabilities an attractive target for attackers.

You track your web applications. You inventory your APIs. But is anybody monitoring your AI servers? Just last week research found that there were more than 175,000 exposed versions of Ollama, an AI server popular for self-hosting LLMs. Across enterprises, self-hosted model servers are being deployed on cloud VMs and GPU-backed instances to power copilots, internal automation, and experimental AI features.

AI and automation are embedded in daily work. Copilots draft content and pull in customer context. Agents triage tickets, update records, and trigger workflows across Slack, Salesforce, Jira, and GitHub. In engineering, this acceleration shows up in scripts, CI/CD pipelines, and infrastructure automation that depend on secrets to ship and operate software.

Gartner released its 2025 Magic Quadrant for Exposure Assessment Platforms in November 2025. The new categorization detailed in the report is something we view as a natural progression in response to the way enterprise risk has evolved over the years. It’s a move away from viewing vulnerabilities in a vacuum and looking at a more complete picture of the risk today’s enterprises face.

Lean teams are under constant pressure to move faster: more SaaS, more automations, and more AI woven into daily work. People sign in more often, across more apps, on more devices, and they’re rewarded for speed, not caution.

Many organisations take a phased approach to deploying password managers, starting with IT and security teams and planning to expand later. This approach is often shaped by practical constraints such as budgets, licensing and the need to balance competing priorities. Partial cybersecurity coverage leaves organisations exposed to breach paths that are actively exploited.