Selling to Regulated Customers: 5 Requirements You Need to Know and Prove

So you’ve got a groundbreaking product that has outstanding market fit. Your prospects love it and are raring to buy. Amazing. But before they can hit approve on the order, they need to make sure you’re SOC 2 or ISO 27001 compliant because their compliance officer won’t let them work with any vendor that hasn’t passed their audit. This is the joy of selling to regulated customers — which today, let’s be honest, is almost everyone.

6 Data Governance Principles You Need to Know

At some point, something bad always happens. Incidents like NHI sprawl and data ownership are always preventable. A supply chain attack finds its way either through upstream infiltration or downstream delivery. However, despite being aware of this, the problem persists. 54% of large organizations see supply chain challenges as a barrier to cyber resilience. There is complexity and interdependency among different systems, software, and teams that require access to one another.

Expanding programmatic access to 1Password

The era of secrets living in fixed systems and accessed through a handful of workflows is long gone. Modern development is faster, more automated, and increasingly AI-assisted. Developers need access to secrets everywhere their code runs – across CI/CD pipelines, local environments, and AI-driven workflows.

SafeBreach's Evolution into an AI-First Development Team: Part I

In this first installment of a series on the transformation of SafeBreach’s development organization, VP of Development Yossi Attas outlines how his team is managing the strategic shift toward an AI-First development methodology. This includes moving beyond simple tool adoption to a fundamental redefinition of the software engineer’s role. Read on as we explore.

EventLog-in: Propagating With Weak Credentials Using the Eventlog Service in Microsoft Windows (CVE-2025-29969)

While attackers often find low-privileged credentials after creating a process dump of LSASS or harvesting hashes with a tool like Responder, they are rarely able to do anything with those credentials (RDP aside). We set out to discover how malicious actors might exploit Microsoft Windows remote procedure call (RPC) protocols to gather data remotely as a low-privileged user using RPC as an attack surface.

Disclosure: XWiki CSS Injection (CVE-2026-26000)

During independent security research, a CSS injection vulnerability (CVE-2026-26000) was identified in the XWiki platform. XWiki is an open-source enterprise wiki and collaboration platform commonly used for internal documentation and knowledge management. According to XWiki, the platform has over 8,000 active installations and is used by organisations such as Lenovo and Amazon, meaning vulnerabilities can affect a large and diverse user base.

AWS and Cloudflare Outages: How GitProtect Keeps Your Operations Running

The assumption that you’re ‘too big to fail’ or ‘too small to get noticed’ simply doesn’t hold water anymore. The year 2025 showed us once again that even the largest names on the market are not invincible. The same is true for any company that depends on their infrastructure. Without a real Plan B, your business’s reliance on cloud tech giants might be risky.

Empowering CISOs with AI: Discover powerful hopes and real risks

Artificial intelligence has become the ultimate paradox for today’s security leaders: it is simultaneously their sharpest new instrument and their biggest emerging attack surface. As boards push hard to “put AI everywhere,” CISOs must balance innovation with accountability, often in environments where AI pilots are already live before security is invited to the table.

Why Financial Clarity Matters Long Before Tax Deadlines

Taxes tend to dominate financial conversations. Deadlines. Deductions. Filings. Penalties. For many business owners, tax season feels like a recurring storm - predictable yet stressful. But hidden beneath that anxiety is a deeper issue few companies address early enough: Tax stress is often a bookkeeping problem in disguise. Because taxes are not created at filing time. They are created quietly, daily, through financial records.