Here’s our guide on how to make OpenClaw safe and secure to run.

Outages recently disrupted 46% of organizations just in 2025, yet 47% of executives still rate their resilience as high, according to a SAS report. In other words, despite nearly half the industry facing service failures, almost half still believe they’ve solved the problem. It seems surprising. The more so in times when a single outage or vendor lock-in can halt all operations on a given platform.

Approximately 1,600 Ivanti Endpoint Manager Mobile (EPMM) instances are currently exposed globally, creating a significant attack surface for enterprise mobile infrastructure. Ivanti has disclosed two critical vulnerabilities, CVE-2026-1281 and CVE-2026-1340, that allow unauthenticated remote code execution on affected on-premises deployments. CVE-2026-1281 has been confirmed exploited prior to disclosure and is now listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog.

When news broke that the Head of CISA uploaded sensitive data to ChatGPT, the response was predictable: panic, headlines, and renewed questions about AI safety. But this incident reveals more about confusion than actual risk. The real issue? Most organizations don’t understand what they’re actually risking when they use AI tools. Let’s fix that.

The shadow technology problem is getting worse. Over the past few years, organizations have scaled microservices, cloud-native apps, and partner integrations faster than corporate governance models could keep up, resulting in undocumented or shadow APIs. We’re now seeing this pattern all over again with AI systems. And, even worse, AI introduces non-deterministic behavior, autonomous actions, and machine-to-machine decision-making. Put simply, shadow AI is much, much riskier than shadow APIs.

Since our previous security bulletin, Arctic Wolf has observed malicious activities in the wild tied to suspected exploitation of CVE-2026-1731 of self-hosted BeyondTrust Remote Support and Privileged Remote Access deployments. We are sharing threat intelligence related to this activity to help defenders protect against this campaign. CVE-2026-1731 allows unauthenticated remote threat actors to execute operating system commands in the context of the site user via specially crafted requests.

Every mobile team has shipped an app that technically worked, and still caused problems. Sometimes it’s a last-minute App Store rejection. Sometimes it’s a privacy disclosure mismatch. Sometimes it’s a vulnerability discovered days after release, when rollback is no longer clean. The pattern is consistent, which isn’t a lack of tooling but a lack of release readiness clarity. Release readiness isn’t about perfection. It’s about answering one question with confidence.

Traditional penetration testing has long been a cornerstone of cyber assurance. For many organisations, structured annual or biannual tests have provided an effective way to validate security controls, support compliance requirements, and identify material weaknesses across infrastructure, applications, and external attack surfaces.

Now that CMMC is a mandatory part of participating in the defense supply chain, a lot of businesses are starting to grapple with the requirements and what they mean for operations. One of the biggest roadblocks is the use of an MSP, or Managed Services Provider. MSPs are the backbone of many businesses that don’t have the resources to spin up entire architectures on their own. It’s a huge benefit and allows companies to exist when otherwise the investment to get started would be way too high.