I spend most of my time thinking like a criminal. Not because I’m edgy, but because that’s literally the job. And lately, everywhere I look, I see the same thing: People are exposing MCP endpoints like they’re REST APIs, and forgetting they’re actually money execution engines. So let’s talk about Token Torching. Yes, I invented another name. This isn’t data theft. It’s not taking your service down.

A global technology services provider based in the United Kingdom, with more than 11,000 employees, was quickly scaling while serving clients across the finance, telecom, media, retail and healthcare sectors. Behind the scenes, its Information Technology (IT) and security teams were facing growing challenges: too many password tools, limited visibility into access controls and widening compliance gaps as cyber threats became more sophisticated.

Cato Networks’ SASE certification portfolio has taken a major step forward with Cato’s official recognition as an ISC2 Continuing Professional Education (CPE) Partner. ISC2 is one of the most trusted names in cybersecurity, representing more than 500,000 members worldwide. Their certifications are widely regarded as the benchmark for professional excellence in security.

The best security combines configuration controls (TLS, headers, network policies, pod security) with runtime behavioral monitoring that detects anomalies your configuration can’t see. Configuration creates the baseline—it defines what should happen. Runtime protection catches what gets through—it shows what is happening. You need both, but most teams only have the first.

A leading insurance and asset management company was hit by a large-scale data breach, impacting more than four million customer and employee records and resulting in widespread media attention. Through an accelerated response with emergency call center support, a dedicated support website and expedited notice mailing, Kroll’s Breach Notification services ensured the business was able to take quick and decisive action following this globally significant security event.

What is a cloud workload protection platform (CWPP)? Security for the workloads actually running in your cloud—VMs, containers, and serverless functions doing real work. Unlike posture management (CSPM) that checks configurations, CWPPs monitor processes, network connections, and application behavior to catch threats as they happen. What’s the difference between CSPM, CWPP, CNAPP, and CADR? CSPM scans cloud settings for misconfigurations. CWPP protects running workloads.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! You might want to get on to this…