%term

Critical Netlogon RCE on domain controllers (CVE-2026-41089)

Jun 3, 2026 By Tanium In Tanium

A critical, unauthenticated remote code execution vulnerability in Windows Netlogon (CVE-2026-41089, CVSS 9.8) lets a remote attacker run code as SYSTEM on a domain controller. Patch all domain controllers in the same maintenance window with the May 2026 security updates.

Read Post

Tanium

Read more about Critical Netlogon RCE on domain controllers (CVE-2026-41089)

Where Should Humans Sit in AI-Driven Cybersecurity?

Jun 3, 2026 By Exabeam In Exabeam

There is a huge amount of excitement right now about AI and security operations. Across the industry, we are seeing rapid innovation in areas such as behavioural analytics, AI-assisted investigation, and increasingly agent-based capabilities designed to help security teams process large volumes of activity more effectively. Security teams need that help. The scale of alerts, identities, and telemetry they must manage today has grown far beyond what humans alone can realistically handle.

Read Post

Exabeam

Read more about Where Should Humans Sit in AI-Driven Cybersecurity?

Engineering a Gold-Standard Cyber Risk Blueprint

Jun 3, 2026 By UpGuard In UpGuard

The Onboarding Blueprint: Engineering a Gold-Standard Process Learn how to leverage the Vendor Onboarding Portal to stop chasing shadow IT and mitigate risk before exposure. Our Customer Education team will provide a tactical framework to automate vendor tiering and transform manual bottlenecks into a self-executing intake engine. Interested in finding out more about UpGuard?

View Video

UpGuard

Read more about Engineering a Gold-Standard Cyber Risk Blueprint

5 Mindset Shifts for Security Teams with Gal Yosef

Jun 3, 2026 By AlgoSec In AlgoSec

In this episode, Gal Yosef, Head of Product Management at AlgoSec, explores the five critical mindset shifts security teams must make to successfully secure today’s hybrid and multi-cloud environments. As organizations expand across AWS, Azure, GCP, and on-premises infrastructure, traditional security approaches often create silos, visibility gaps, and operational complexity.

View Video

AlgoSec

Read more about 5 Mindset Shifts for Security Teams with Gal Yosef

How Autonomous Pentesting Finds What Scanners Miss

Jun 3, 2026 By Keshav Malik In Astra

The pitch is familiar enough that most security leaders tune it out. It sounds like marketing language, just an updated way of saying “a better scanner.” This post is here to bust the myth behind that framing. Both scanners and autonomous pentesting agents look the same from the outside. Both crawl your application, both send payloads, and both produce findings. But they operate on completely different assumptions of what constitutes a vulnerability.

Read Post

Astra

Read more about How Autonomous Pentesting Finds What Scanners Miss

Warning: Scammers are Exploiting Geopolitical Unrest

Jun 3, 2026 By KnowBe4 Team In KnowBe4

Scammers are taking advantage of the conflicts in the Middle East and Ukraine to exploit people’s emotions, according to researchers at ESET. “Geopolitical turmoil often leads to human misery, which tends to pull at the heartstrings,” ESET says. “Legitimate charities may solicit donations to help their efforts to support innocent citizens caught in the crossfire.

Read Post

KnowBe4

Read more about Warning: Scammers are Exploiting Geopolitical Unrest

Fireside with George Wiemer: Driving Ecosystem Maturity

Jun 3, 2026 By UpGuard In UpGuard

The Supply Chain Uplift: Driving Ecosystem Maturity Stop acting as an auditor and start acting as a partner. Learn how Combe Inc. uses real-time telemetry to identify vendor risks before they are reported, creating a positive feedback loop that hardens the entire supply chain. Interested in finding out more about UpGuard?

View Video

UpGuard

Read more about Fireside with George Wiemer: Driving Ecosystem Maturity

MCP is the New Attack Surface -- and Your Controls Probably Don't Cover It #ai #mcp

Jun 3, 2026 By SafeBreach In SafeBreach

AI just handed attackers a new front door — and most security teams don't even know it exists. Model Context Protocol (MCP) is the emerging standard that lets AI agents talk to your tools, your data, and each other. It's also the most significant new attack surface to emerge in years. The NSA noticed. Your adversaries already have.

View Video

SafeBreach

AI
Security

Read more about MCP is the New Attack Surface -- and Your Controls Probably Don't Cover It #ai #mcp

Phishing Attacks Are Using Real Hotel Reservation Info to Target Travelers

Jun 3, 2026 By KnowBe4 Team In KnowBe4

Scammers are using legitimate hotel booking details to craft targeted phishing attacks, WIRED reports. Victims are far more likely to fall for a phishing attack if a message contains real information that they wouldn’t expect a scammer to know. According to researchers at Norton, this phishing campaign is targeting customers of at least 350 hotels and vacation rentals across 50 countries.

Read Post

KnowBe4

Read more about Phishing Attacks Are Using Real Hotel Reservation Info to Target Travelers

Talk to Your Platform: Spin Up JFrog Self-Service Trials with MCP - No Human Intervention Required

Jun 3, 2026 By Runy Rapaport In JFrog

JFrog is one of the first Software Supply Chain Management and Security Platforms to provide MCP functionality, which we have now opened up to anyone interested in trying Claude and Cursor in their own development environment. Doing a free trial is one of the best ways to see how JFrog integrates with your developers, operations and security.

Read Post