Every year, security and tech leaders come to the RSA conference in San Francisco to take the industry’s pulse, and every RSAC tends to be dominated by a single, overarching theme. Last year, the theme was: “AI agents are coming, and governance isn’t ready.” And sure enough, the theme of RSAC 2026 was: “AI agents are here, and governance needs to catch up.”

Researchers at LayerX warn that custom fonts can fool AI web assistants into thinking phishing pages are benign, while the human user sees something completely different. “There is a structural disconnect between what an AI assistant analyzes in a page’s HTML and what a user sees rendered by the browser,” the researchers explain.

Although artificial intelligence (AI) seems relatively new to a lot of people, it was first officially created in 1956 and has been a large, improving branch of computer science ever since. The mass appeal of AI took off in late 2022 when OpenAI publicly released ChatGPTicial iintelligence (AI) seems relatively new to a lot of people, it was first officially created in 1956 and has been a large, improving branch of computer science ever since.

Imagine this: you're running a Shopify Plus store that supplies products to several companies. One customer wants their employees to log in with a simple email and password. Another asks if their staff can use a secure company login. A third keeps requesting one-time passwords for quick access. Managing all these different expectations is difficult since Shopify only offers one login method, i.e., email OTP, and forcing everyone to use it is a headache.

Part 1 covered CanisterWorm, the self-spreading npm worm. Part 2 covered the malicious LiteLLM package and its.pth persistence. This post covers the third wave: a compromised telnyxPyPI package that hides its payload inside audio files and delivers entirely different malware depending on the victim’s operating system.

Accelerating security solutions for small businesses‍ Tagore offers strategic services to small businesses. A partnership that can scale‍ Tagore prioritized finding a managed compliance partner with an established product, dedicated support team, and rapid release rate. Standing out from competitors‍ Tagore's partnership with Vanta enhances its strategic focus and deepens client value, creating differentiation in a competitive market.

Multi-factor authentication has been a game-changer. MFA remains one of the most effective measures to protect access to corporate systems and data. That hasn’t changed. What has changed is what attackers can do to get around it.

Quick definition: Data loss prevention (DLP), also known as data leakage prevention or data loss protection, is a set of technologies and policies that stop sensitive corporate data from leaving the organisation due to user negligence, data mishandling, or malicious intent. DLP solutions enforce data handling rules by allowing or blocking data access and transfer operations based on predefined security policies.