Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When an auditor walks through your door, they aren't looking for a list of vulnerabilities; they're looking for proof that your Third-Party Cyber Risk Management (TPCRM) program is consistent, defensible, and robust. Internal and external auditors evaluate the Vendor Risk Management process by testing evidence, but they do so with different goals.

You've been here before. The vendor risk assessment is complete, the report is generated, and it lands on a stakeholder's desk. And yet, this comprehensive, detailed document, which provides vital information on a vendor's security posture, goes nowhere. The handoff lands in limbo.

Low-code workflow builders have flourished in the AI wave, providing the “shovels and picks” for non-technical users to make AI-powered apps. Flowise is one of those tools and, like others in its category, it has the potential to leak data when configured without user authentication. To understand the risk of misconfigured Flowise instances, we investigated over a hundred data exposures found in the wild.

Modern breaches rarely begin with a brute-force attack on a firewall, they now start with a user login. Valid account credentials are now a top initial access vector, responsible for 30% of all intrusions. In this post, we address a common misconception surrounding the inforstealer malware that may be putting you at risk of a data breach.

The tools designed to build your next product are now being used to build the perfect attack against it. Generative AI platforms can spin up a pixel-perfect replica of your brand's login page in minutes, launching high-fidelity phishing campaigns at a scale and speed that legacy security models cannot handle. This isn't an emerging threat; it's an industrialized phishing engine that’s already being weaponized against businesses.

The Department of War’s (DoW) new Cybersecurity Risk Management Construct (CSRMC) marks a watershed moment for cyber defense. This move confirms that static, checklist-based security is obsolete. To defend against modern threats, organizations must adopt the continuous and proactive posture management approach experts have been recommending for years.

As businesses expand, so do their lists of third-party vendors—and with them, the number of risk factors and complexity. This increase means that security analysts are often overwhelmed by a growing number of vendor risk assessments. However, completing an assessment alone isn’t enough; its value depends on how effectively the results are communicated.

For months now, journalists and cybersecurity experts, including UpGuard, have been following the movements of the hacker collective “Scattered Lapsus$ Hunters,” a sort of supergroup of the already well-known cybercriminal entities ShinyHunters, Scattered Spider and Lapsus$. Now, this collective has launched a website where they can extort payment from entities in return for delisting and deleting their data.

Security teams have struggled for far too long with a patchwork of siloed security tools, static compliance checks, and an increasingly adversarial threat landscape to continue down that path, especially when each of these challenges is making their organizations more vulnerable by the minute. Previously in this CRPM series, we’ve established that traditional security approaches are no longer adequate to keep pace against AI-driven attacks and the multi-pronged missions of cybercriminals today.

The line between the digital and physical worlds blurs completely when a cyber attack results in widespread, tangible disruption. For thousands of travelers, this became a harsh reality when major European airports were forced to delay flights due to a ransomware attack targeting a vendor in the supply chain.