Security automation used to mean building a playbook. Someone on the team mapped out a workflow, connected a few tools, and watched it run on the alert types it was designed for. That worked for a while, in a different environment than the one security teams operate in today.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Drupal last week and now another I completely forgot about: Ghost CMS.

The banking industry stands at a critical intersection of technology, security, and customer experience. As financial institutions navigate massive data volumes and increasingly sophisticated threats, they’re also trying to survive the digital transformation that’s made customer expectations higher than ever and trust more fragile than before.

As large language models (LLMs) become more embedded in business operations, the risks and attack methods targeting them are evolving just as quickly. The 2025 edition of the OWASP Top 10 for LLM Applications reflects this rapid evolution, addressing the current threats facing generative AI systems in production environments. For organizations investing in LLMs, understanding the risks is crucial for deploying these systems securely.

I spent nearly a decade in the U.S. Federal Government, including roles at the White House, the U.S. Department of Commerce, and the U.S. Senate. I later advised public sector clients on technology and strategic growth problems at Accenture. The same pattern showed up everywhere I went. Agencies invest in sophisticated network defenses.

Cybersecurity has moved from isolated tools to continuous operations. Most environments already generate alerts and logs across systems, yet attacks still progress undetected. The problem is not visibility but the speed at which teams can detect, understand, and respond to threats. The gap is not caused by a lack of tools but by limited execution capacity. This is where managed security services providers (MSSPs) come in. Modern attacks increasingly rely on identity misuse and legitimate system tools.

Vulnerability scanning gives security teams a starting point, but it has never been the whole picture. Scan results capture known CVEs across applications and systems, yet they say nothing about whether a given weakness is actually reachable, whether the controls around it are functioning correctly, or whether the people with access to it represent a meaningful risk. Exposure management addresses all of that.