Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The UK Government’s Cybersecurity and Resilience Bill marks a significant shift in how the nation safeguards critical infrastructure. The Bill moves beyond voluntary measures and fragmented self-regulation and introduces a mandated framework for resilience, signalling that cyber protection is now a strategic obligation for many sectors including healthcare, critical national infrastructure (CNI) transport and digital infrastructure.

Organizations that work with the US government must adhere to strict procedures covering procurement protocols, non-discrimination policies, and rigorous cybersecurity. That’s because working with government agencies often involves handling sensitive and legally protected data, and failure to comply can result in financial and legal consequences.

Broadcom’s VMware acquisition brought massive pricing changes that caught most IT departments off guard. The company eliminated perpetual licenses, forcing everyone into subscription models while implementing steep VMware license cost increases and new minimum core requirements. These aren’t minor adjustments: Broadcom restructured the entire VMware license pricing model.

For years, AI and machine learning workloads lived in the lab. They ran as internal experiments, batch jobs in isolated clusters, or offline data pipelines. Security focused on internal access controls and protecting the data perimeter. That model no longer holds. Today, AI models are increasingly part of production traffic, which is driving new challenges around securing AI workloads in Kubernetes.

I’ve seen more data breaches caused by USB drives than you think. Not fancy hacks. Not nation-state attacks. Just people moving files quickly because they had to get something done. A USB drive feels harmless. It’s small, familiar and fast. You plug it in, copy a file, unplug it and move on. That’s exactly why it’s dangerous. USB flash drives and external storage devices carry the most valuable data an individual or organization owns. Contracts. Client records.

In January 2026, the GNU telnetd service from GNU InetUtils was found to be vulnerable to authentication-bypass by Simon Josefsson. Tracked as CVE-2026-24061, this flaw allows an attacker to establish a Telnet session without providing valid credentials, granting unauthorized access to the target system. The vulnerability exists all the way up to version 2.7-2 of the GNU telnetd service and, as indicated by Simon, looks like it was taken right out of the 90s.

Insider threats remain one of the most challenging security risks organizations face. Unlike external attackers who must breach perimeters, insiders already possess legitimate access to critical systems and data. They understand security controls, know where valuable assets reside, and can operate under the radar of traditional rule-based detection systems for extended periods.

Guest post by WatchGuard Tech All-Star, Michael Carter II At a glance: The trend is hard to ignore: most attackers do not “break in” anymore; they sign in using stolen or abused identities, not by bypassing a next-gen firewall, your EDR, or those fancy email and collaboration tool defenses. If an unauthorized identity can export it, you have not protected it, no matter how many controls you have in place.