Hong Kong’s Protection of Critical Infrastructures (Computer Systems) Ordinance (Cap. 653) represents a major shift in cybersecurity regulation. The law moves beyond traditional compliance exercises and places a much stronger emphasis on continuous operational resilience. For designated Critical Infrastructure (CI) operators, the challenge is no longer simply deploying security controls.

A CVE lands in the morning. Hours later, attackers are exploiting it in the wild. The patch is not ready, the change window is days away, and the clock is already running. None of this is new. What changed is that vulnerability exploitation is now the most common path into organizations.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! While laudable, I still think many will just allow everything rather than configure complex CI flows. Happy to be proved wrong.

We're proud to announce that Frost & Sullivan has named CrowdStrike a Leader for the second consecutive time in the 2026 Frost Radar: Cloud and Application Runtime Security (CARS). Building on last year's recognition, CrowdStrike scored highest on both the Growth and Innovation indices.

Modern IT and security teams no longer evaluate platforms in isolation. They ask how a platform fits into the architecture they run, the workflows they trust, and the outcomes they need to improve. Enterprise stacks are not isolated; they are interdependent. Identity shapes access, endpoint posture influences policy, while SIEM tools drive investigations and rely on shared data and context. AI tools introduce new layers and patterns of usage, risk, and data movement across the network.

PHP obfuscation is a lightweight way to make code harder to read but it does not provide much protection against code exposure or reverse engineering. It is often attractive because it is free or low cost, but that can be risky as it typically only masks the code through substitution techniques and does not meaningfully change how the source code is protected.

Attack Surface Monitoring has become a critical component of modern cybersecurity programs. As organizations scale their cloud environments, applications, APIs, and third-party services, so does their external attack surface. Every new cloud instance, API endpoint, marketing microsite, and third-party SaaS tool expands your perimeter. But there are two hard truths for security teams: You cannot protect what you don’t know exists, and you cannot secure what you don’t deeply test.

AI agents do not create risk only when they hallucinate or produce an inaccurate answer. They create risk when they take the wrong action. A single user prompt can move through an application, reach an agent runtime, call a tool, trigger an MCP server, and touch a downstream API. By the time the action happens, the original request may be several layers away from the system that actually changes data, sends information, or executes a workflow. That is the problem security teams now face.