Tanium Unveils AI Innovations to Power Autonomous IT and Unstoppable Business
Showcased at its Converge conference, new platform capabilities expand agentic AI, enhance continuous security and broaden support for OT and mobile endpoints.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Obscure MCP API in Comet Browser Breaches User Trust, Enabling Full Device Control via AI Browsers
SquareX released critical research exposing a hidden API in Comet that allows extensions in the AI Browser to execute local commands and gain full control over users' devices. The research reveals that Comet has implemented a MCP API (chrome.perplexity.mcp.addStdioServer) that allows its embedded extensions to execute arbitrary local commands on users' devices, capabilities that traditional browsers explicitly prohibit. Concerningly, there is limited official documentation on the MCP API.
Seraphic Becomes the First and Only Secure Enterprise Browser Solution to Protect Electron-Based Applications
Seraphic, the leader in enterprise browser security (SEB) and AI enablement, today announced native protection for Electron-based applications such as ChatGPT desktop, Teams, Slack, and more, becoming the first and only browser security platform to introduce this capability.
What Is a Large Language Model (LLM)?
The history of computing is marked by sea change moments; those times when the world seems to shift into a new possibility space almost overnight. ENIAC. The personal computer. The World Wide Web. The smartphone. And now, AI. While the term “AI” has been applied to many new (or re-branded) services and products, the underlying technology that makes most of them feel like magic is the large language model (LLM).
Come see us at Microsoft Ignite: Live Demos & How We Optimize Your Security Stack
We're live. Cheyenne, Walter, and Cain are giving demos, answering questions, and showing how Reach helps teams optimize their security stack. Level up your knowledge and get some loot on this side quest. Come see us: Microsoft Ignite — San Francisco Booth 4037 November 18–21, 2025.
Unlocking Microsoft E3/E5 Security: How Reach Finds Hidden Gaps and Automates Remediation
New product tour who dis Most teams aren’t getting the full value out of their Microsoft E3/E5 stack — not because the tools aren’t powerful, but because the configurations are complex, scattered, and hard to operationalize. Reach maximizes your Microsoft security investment: Interrogating your current Microsoft security configurations→ Reach evaluates the current capabilities of the existing E3/E5 environment, analyzes how the current licenses are being utilized, and identifies opportunities to leverage E5 features to enhance the organization’s security posture.
Network Security Policy Management (NSPM): Keeping Policy and Reality Aligned
Network Security Policy Management (NSPM) is the discipline of defining, enforcing, and maintaining the network policies that govern how systems communicate, what data moves where, and who can access what. It sits at the intersection of security and operations, helping organizations maintain consistent, enforceable rules across increasingly complex infrastructures.
Securing MCP servers with 1Password: Stop credential exposure in your agent configurations
You’ve probably seen a file like this sitting in your project root.
When your AI Assistant Becomes the Attacker's Command-and-Control
Earlier this month, Microsoft uncovered SesameOp, a new backdoor malware that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. The discovery has drawn significant attention within the cybersecurity community. Security teams can no longer focus solely on endpoint malware. Attackers are weaponizing public and legitimate AI assistant APIs and defenders must adjust.
Why cyber resilience - not just compliance - is critical for manufacturing OT environments
Your manufacturing environment might be compliant, but that doesn't mean it's protected against a cyberattack. Even compliant systems can fall victim to cybercrime. And the consequences can be devastating. The SANS Institute sends a clear message in its 2025 State of ICS/OT Cybersecurity Survey: Regulatory compliance alone is no longer enough in operational technology (OT) environments.