Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

cloudflare

Route public traffic to private applications with Cloudflare

Jun 10, 2026 By Enrique Somoza In Cloudflare
For most of the Internet’s history, public and private infrastructure operated as separate worlds. Public applications lived behind content delivery networks (CDNs) and web application firewalls (WAFs). Private applications lived behind virtual private networks (VPNs), firewalls, and separate operational stacks. We think that distinction is becoming obsolete.
Read Post
bitsight

Claude Fable 5 and the New Reality of AI-Enabled Third-Party Risk

Jun 10, 2026 By Emma Stevens In BitSight
Anthropic recently announced the release of Claude Fable 5, a public version of its more powerful Mythos AI model. Technology that was previously only accessible to a select few organizations is now available to businesses at an enterprise level. AI vendors are building the guardrails while threat actors are studying their attack vectors. Essentially, we are giving the keys to the AI world to businesses and hoping the guardrails hold steady. Security teams need to prepare even faster now.
Read Post
Corelight

Black Hat Asia 2026: Everything from cat feeders to solar farms

Jun 10, 2026 By Ben Reardon In Corelight
There is a saying you will hear from veterans in the Black Hat Network Operations Center (NOC): “Threat hunting on the Black Hat network is like trying to find a needle in a stack of needles." With dozens of training classes running live exploit chains, capture-the-flag traffic, and researchers probing every corner of the internet, our Corelight sensors generate a rich set of Zeek logs, many of which can look suspicious in varying degrees.
Read Post
aikido

Code is being written everywhere, and the device is the only constant

Jun 10, 2026 By Nicholas Thomson In Aikido
This post is based on Mackenzie's conversation with James Hawkins on The Secure Disclosure podcast. Listen to the full episode or watch below. PostHog's engineering team is merging roughly as many pull requests through Slack as through their code editor. As James Hawkins, co-founder and co-CEO of PostHog, explains on the podcast, the shift towards dispersed coding interfaces is underway. "Why are code editors all desktop apps right now? That's a relic of the past.
Read Post
aikido

SBOMs in 2026: Everyone's generating them, no one's using them

Jun 10, 2026 By Jens Gellynck In Aikido
ENISA just published its SBOM Adoption State of Play 2026, based on a survey of 334 organizations (65% EU-based, 80% directly impacted by the Cyber Resilience Act (CRA)). It is the clearest snapshot yet of where the industry stands on software supply chain transparency, and the picture is more nuanced than "everyone's on board." Here's what stood out.
Read Post
knowbe4

Nearly Two-Thirds of CEOs Cite Cyberattacks as Their Top Concern

Jun 10, 2026 By KnowBe4 Team In KnowBe4
Cyberattacks are now the top concern of leading CEOs, overtaking fears over geopolitical turmoil or inflation, the Wall Street Journal reports. A survey by the Conference Board and the Business Council found that 65% of CEOs at blue-chip companies cited cyberattacks as their top worry in the second quarter of 2026, an increase from 56% in Q1 2026.
Read Post
knowbe4

A Look at Spam vs. Phishing: 4 Key Differences

Jun 10, 2026 By KnowBe4 Team In KnowBe4
Spam and phishing are often used interchangeably in email security, but they serve distinct purposes and carry varying levels of risk. Understanding the difference between spam vs. phishing helps organizations better recognize threats and respond appropriately. This guide breaks down how spam and phishing differ, how to identify each, and what steps organizations can take to reduce risk.
Read Post
knowbe4

KnowBe4 Wins Multiple 2026 TrustRadius Top Rated Awards

Jun 10, 2026 By KnowBe4 Team In KnowBe4
We’re proud to share that KnowBe4 has once again been recognized as a leader in cybersecurity, receiving six 2026 TrustRadius Top Rated Awards across our platform. These awards are especially meaningful because they’re based entirely on customer feedback—making them a direct reflection of how our customers view the value and impact of our partnership.
Read Post

Ep. 62 - Zero Trust Breaks Against MCP: Why "Verified" No Longer Means Safe

Jun 10, 2026 By SafeBreach In SafeBreach
Most enterprises assume their Zero Trust architecture covers their AI agents. It doesn't. Hosts Tova Dvorin and Adrian Culley break down why zero trust breaks against the Model Context Protocol (MCP)—and why "verified" no longer means "safe." They unpack trust decay, the WhatsApp and GitHub MCP exploits, rug-pull tool poisoning, CVE-2025-49596, and the rise of "zero standing trust," then close with three moves for CISOs this quarter: inventory your MCP estate, mandate authentication, and validate your controls.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.