Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

For years, AI and machine learning workloads lived in the lab. They ran as internal experiments, batch jobs in isolated clusters, or offline data pipelines. Security focused on internal access controls and protecting the data perimeter. That model no longer holds. Today, AI models are increasingly part of production traffic, which is driving new challenges around securing AI workloads in Kubernetes.

I’ve seen more data breaches caused by USB drives than you think. Not fancy hacks. Not nation-state attacks. Just people moving files quickly because they had to get something done. A USB drive feels harmless. It’s small, familiar and fast. You plug it in, copy a file, unplug it and move on. That’s exactly why it’s dangerous. USB flash drives and external storage devices carry the most valuable data an individual or organization owns. Contracts. Client records.

In January 2026, the GNU telnetd service from GNU InetUtils was found to be vulnerable to authentication-bypass by Simon Josefsson. Tracked as CVE-2026-24061, this flaw allows an attacker to establish a Telnet session without providing valid credentials, granting unauthorized access to the target system. The vulnerability exists all the way up to version 2.7-2 of the GNU telnetd service and, as indicated by Simon, looks like it was taken right out of the 90s.

Insider threats remain one of the most challenging security risks organizations face. Unlike external attackers who must breach perimeters, insiders already possess legitimate access to critical systems and data. They understand security controls, know where valuable assets reside, and can operate under the radar of traditional rule-based detection systems for extended periods.

Guest post by WatchGuard Tech All-Star, Michael Carter II At a glance: The trend is hard to ignore: most attackers do not “break in” anymore; they sign in using stolen or abused identities, not by bypassing a next-gen firewall, your EDR, or those fancy email and collaboration tool defenses. If an unauthorized identity can export it, you have not protected it, no matter how many controls you have in place.

Security incidents and service disruptions are never simple. They are rarely the result of a single mistake, and they don’t only happen to organizations that “did something wrong.” In reality, many of the most capable, well-resourced companies experience them precisely because they operate at scale, under constant pressure, and within complex, interconnected environments.

Even well-maintained Magento and Adobe Commerce environments still land PCI DSS findings against 6.4.3 and 11.6.1. When that happens, it’s usually not a server-side Magento configuration issue. Instead, it’s a client-side runtime governance gap that Magento and most server-side stacks aren’t designed to close, even with helpful guardrails like CSP and SRI on payment pages.

If your latest PCI DSS audit report flagged gaps against Requirements 6.4.3 and 11.6.1, it’s not time to panic yet. These findings are common and entirely fixable. Most of the time, the gap is between static guardrails and continuous runtime governance. QSAs assess whether you have active control over what executes in the client browser, not simply whether guardrails are configured. That is also why traditional controls like CSP or manual reviews can feel complete and still fall short.