%term

You Patched LiteLLM, But Do You Know Your AI Blast Radius?

Apr 2, 2026 By Rudy Lai In Snyk

For a brief window, a widely used open source package in the AI ecosystem was compromised with credential-stealing malware. LiteLLM, a model gateway used to route requests to more than 100 LLM providers, has been downloaded millions of times per day. In that short window, the malicious versions were likely pulled tens of thousands of times before being caught.

Read Post

Snyk

Read more about You Patched LiteLLM, But Do You Know Your AI Blast Radius?

OT Cyber Resilience: Strategic Data Protection for IEC 62443 and NIS2 Compliance

Apr 2, 2026 By Subramani Rao In Acronis

OT Data Protection & Resilience is the practice of securing industrial control system data, such as PLC logic, HMI configurations, and historian archives, against loss or cyberattack, while ensuring fast recovery to maintain safety and production continuity. In modern industrial environments, the traditional concept of"security as a barrier" is no longer sufficient.

Read Post

Acronis

Read more about OT Cyber Resilience: Strategic Data Protection for IEC 62443 and NIS2 Compliance

The New CISO Ep. 143 - Myke Lyons | From Chef to CISO: Unlocking the Recipe to Security Leadership

Apr 2, 2026 By Exabeam In Exabeam

What does sharpening a knife over a case of onions have to do with incident response? For Myke Lyons, CISO at Cribl, the answer is everything. Myke trained at the Culinary Institute of America — learning speed and accuracy under the clock of a professional kitchen — before a summer IT job in Manhattan set him on an entirely different path. In this episode of The New CISO, host Steve Moore traces that journey and the surprising parallels between culinary craft and security leadership.

View Video

Exabeam

Read more about The New CISO Ep. 143 - Myke Lyons | From Chef to CISO: Unlocking the Recipe to Security Leadership

The coefficient of security friction is slowing teams down. How can you fix it?

Apr 2, 2026 By Christopher Beier In Sumo Logic

Like the sands through the hourglass, so are the days of our SOC lives…. An alert surfaces, and while it doesn’t immediately signal a critical incident, it carries just enough ambiguity to require attention. An analyst opens the investigation, begins pulling in context, reviews authentication activity, pivots into endpoint data, and checks for any corresponding changes in the cloud environment.

Read Post

Sumo Logic

Read more about The coefficient of security friction is slowing teams down. How can you fix it?

Apono vs Entra ID PIM: Building Privileged Access Engineers Will Actually Use Across Cloud

Apr 2, 2026 By Gabriel Avner In Apono

Microsoft Entra ID Privileged Identity Management is designed to bring structure to privileged access inside Microsoft environments. It allows organizations to make roles eligible, require activation, and enforce approval workflows. Within Azure, it performs that role predictably. The challenge begins when engineering workflows extend beyond Azure. Modern infrastructure rarely lives in a single ecosystem.

Read Post

Apono

Read more about Apono vs Entra ID PIM: Building Privileged Access Engineers Will Actually Use Across Cloud

The Agentic Stack Explained: How LLMs, MCP Servers, and APIs Work Together

Apr 2, 2026 By Eric Schwake In Salt Security

The term AI agent is dominant in current cybersecurity discourse. Vendors, analysts, and CISOs all use the label, yet technical confusion remains regarding how agents actually operate and where the security risks reside. Beneath the surface-level familiarity, there is often significant confusion about what an AI agent actually is, how it operates technically, and most importantly for security teams, where the risk actually lives.

Read Post

Salt Security

Read more about The Agentic Stack Explained: How LLMs, MCP Servers, and APIs Work Together

Your AppSec Pipeline Is Lying To You: More Vulnerabilities Security

Apr 2, 2026 By Rishika Mehrotra In Appknox

357 crash reports. 2 actual bugs. That is not a typo. That is the reality of modern application security testing. In a recent fuzzing campaign, over a thousand crash files were generated across billions of executions. After crash deduplication and triage, that number collapsed to just two unique issues. Not hundreds of vulnerabilities. Not dozens of risks. Two. And yet, most security teams would have celebrated the initial numbers.

Read Post

Appknox

Read more about Your AppSec Pipeline Is Lying To You: More Vulnerabilities Security

Go beyond device health with External Checks in 1Password Device Trust

Apr 2, 2026 By 1Password In 1Password

Most organizations already have the policies they need in place. The problem is enforcement.

Read Post

1Password

Read more about Go beyond device health with External Checks in 1Password Device Trust

Natoma and 1Password help enterprises scale AI securely with governed agent access

Apr 2, 2026 By 1Password In 1Password

To support enterprise workflows like monitoring systems, triaging support tickets, and automating routine work, AI agents need access to the same sensitive systems employees use, including databases, APIs, SaaS tools, and internal infrastructure. However, many of these systems still rely on shared passwords, API keys, tokens, and other credential-based access paths that are difficult to manage and control.

Read Post

1Password

Read more about Natoma and 1Password help enterprises scale AI securely with governed agent access

Identity and Access Management: The foundation of security

Apr 2, 2026 By One Identity In One Identity

Organizations put in place firewalls, antivirus, intrusion detection and prevention systems, but the bad guys still get in and wreak havoc – often through the front door. Teams need to put strict controls and governance around all identities with access to resources to defend against insider threats.

View Video