Our comments to NIST: AI agent security starts with human identity verification

AI agents have developed advanced capabilities faster than most would have imagined. In enterprise contexts, workforces are delegating more and more tasks to them. While the promise of increased productivity is enticing, the shift from deterministic automated tools to agentic autonomous systems introduces security risks that most enterprises haven’t prepared for.

Free Gift Fallacy: How Attackers Harvest Credit Cards via Fake Surveys

The classic 'survey reward' scam is back and hitting harder than ever. KnowBe4 Threat Labs is tracking a massive, high-volume campaign that is not only impersonating a wide array of trusted global brands across retail, logistics, and healthcare, but is using hundreds of newly registered domains (NRDs) and sophisticated psychological priming to fly past traditional security defenses.

Introducing Persona's Workday Recruiting integration for candidate verification

Imagine spending weeks moving a strong job candidate through a rigorous interview process. The hiring manager is excited for their new hire and collaborates with multiple teams to prepare for a smooth onboarding. But on day one, a completely different person shows up for the job. For too many companies, scenarios like this have become disturbingly common. Besides introducing serious security risks, fake job candidates waste valuable talent team resources.

Ep. 60 - The Puppet Masters: Mustang Panda's Long Con Against ASEAN Diplomats

When a tired EU diplomat clicks "connect" on an airport Wi-Fi portal, his briefing—and his government's secrets—end up in Chengdu. Hosts Tova Dvorin and Adrian Culley unpack Mustang Panda (APT27 / Bronze President), the Chinese threat group running the long con against NGOs, ASEAN ministries, and Tibetan and Uyghur activists. Inside: captive-portal Wi-Fi Pineapples that bypass MFA, PlugX side-loading through legitimate apps, and the USB worm that jumps air-gapped military networks.

Emerging Threat: (CVE-2026-48172) LiteSpeed cPanel Plugin Privilege Escalation to Root

CVE-2026-48172 is an incorrect privilege assignment flaw in the LiteSpeed User-End cPanel Plugin that allows any authenticated cPanel user to execute arbitrary scripts as root. The bug sits in the plugin's lsws.redisAble function, which can be invoked through the standard cPanel JSON API to run code with elevated privileges instead of the calling user's own. The vulnerability carries a CVSS v4.0 base score of 10.0 (Critical).

8 ways I use Graph to uncover fraud rings

As a fraud analyst at Persona, I have to balance working on fraud escalations for specific customers and keeping an eye on cross-customer (and cross-industry and cross-region) fraud trends. The work naturally overlaps, as one escalation can turn into a trend as fraud rings move on to new targets. And, getting ahead of large trends helps us stop escalations. I have a lot of tools at my disposal, but I want to discuss Graph, Persona’s real-time link analysis product.

Tanium AI Enrichment and Analysis: Tanium Tech Talks #162

Tired of decoding commands, searching unfamiliar processes, and guessing alert context? See how Tanium AI Enrichment & Analysis breaks down alert activity, explains risk, and guides response - without leaving your workflow. Join us as we explore how Tanium Threat Response uses AI to: provide detailed context and security implications; decode complex or encoded command lines; summarize alerts with key findings and context; and recommend next steps to accelerate investigation and response.

Why Kuwait's WAMD penalty framework demands real-time payment visibility and in-flight fraud prevention

When Kuwait launched the WAMD real-time payment rail in 2024, the goal was clear: Enable banks and financial institutions to add speed, convenience and resilience to the country’s national payment infrastructure. Facilitated by the KNET Payment Gateway under the supervision of the Central Bank of Kuwait (CBK), the service has become such a key part of the country’s digital banking ecosystem that the CBK is making it crystal clear that real-time must also mean reliable.