The AI Compliance Gap No One's Talking About (ISO, NIST, EU AI Act)

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development, using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Why HR Must Add Cybersecurity to New Hire Onboarding

Welcome to the team! New hires hear this phrase often during their first few weeks on the job. Onboarding new employees is essential as it sets the tone for company culture, expectations, and values. You use this time to teach new employees about their roles, workplace conduct, and benefits. But one critical value often gets left off the HR checklist: cybersecurity awareness. Protecting sensitive data is no longer just the IT department’s job.

Secure Coding Techniques That Are Critical for Modern Applications

Let's be honest: software ships faster today than most security teams can comfortably keep up with. Microservices, sprawling APIs, cloud-native deployments, and AI-assisted code generation have accelerated development at an unprecedented pace. But buried within that speed are small, overlooked coding mistakes that quietly open the door to serious breaches.

How to save X and Twitter videos offline before your next flight with an X downloader

You found the perfect travel vlog thread on X last night. Thirty seconds of a hidden beach, a street food tour filmed in 4K, a local musician jamming under a bridge. Your flight boards in an hour, and airport Wi-Fi just dropped. That content might still be there when you land, or it might not. An X downloader like sssTwitter lets you grab those posts as mp4 or mp3 files while you still have signal, so your phone becomes its own offline library before the cabin door closes.

What major cyberattacks reveal about the cost of slow recovery

Cyberattacks often succeed not because they are sophisticated but because organizations lack reliable backups or struggle to restore data quickly. When recovery is slow, even minor disruptions can escalate, providing attackers with the time and leverage they need to deploy ransomware and halt operations. When systems go down, every minute of downtime results in operational disruption, a drop in revenue, and lost customer trust.

Cybersecurity Firm TAC Security Hits 10,000 Clients, Enters Top 5 in Global VM & AppSec

TAC Infosec (NSE: TAC), a global leader in cybersecurity with a presence across 100+ countries, announced a historic milestone by crossing 10,000 clients (6,500+ of TAC Security and 3,500+ of CyberScope) since April 2024, delivering on its commitment to shareholders to achieve this by 2026.

Axios npm package compromise: What happened, what matters, and how to respond

Attackers carried out a supply chain compromise by abusing a compromised npm maintainer account to publish malicious Axios versions (axios@1.14.1 and axios@0.30.4). These releases introduced an unexpected dependency, plain-crypto-js@4.2.1, which attempted platform-specific malware execution via an npm lifecycle script during installation on Windows, macOS, and Linux.

STARDUST CHOLLIMA Likely Compromises Axios npm Package

On March 31, 2026, a threat actor used stolen maintainer credentials to compromise the widely used HTTP client library Axios Node Package Manager (npm) package and deploy platform-specific ZshBucket variants. CrowdStrike Counter Adversary Operations attributes this activity to STARDUST CHOLLIMA with moderate confidence based on the adversary’s deployment of updated variants of ZshBucket (malware uniquely attributed to STARDUST CHOLLIMA) and overlaps with known STARDUST CHOLLIMA infrastructure.