Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Your cloud footprint probably grew faster than your monitoring program did. That's the normal path. A team starts with one cloud account, one logging service, and a few dashboards. Then come managed databases, containers, serverless functions, SaaS integrations, new identities, and temporary workloads that appear and disappear before anyone documents them. Security ends up with a pile of logs, a backlog of alerts, and a nagging suspicion that the dangerous activity isn't the stuff already visible.

The 2026 Kubernetes Community Day in NYC made trust an execution problem, linking zero trust APIs, agent governance, CVE evidence, and sustainable open source work.

On June 5, 2026, ServiceNow quietly pushed a security update to hosted customer instances. The fix, described in an internal knowledge base article, addressed a flaw that let unauthenticated users gain more access to ServiceNow-hosted data than they were ever supposed to have. No password. No credentials. The remediation itself tells the whole story: ServiceNow changed an endpoint configuration to restrict access to authenticated users only. Read that again.

A lot moved in May. ThreatSpike product updates this month spanned almost every corner of the platform, and a good few the community has been asking for. From port scanning in automated recon, to PDF imports into the Knowledge Base – the list covers a lot of ground. Below is everything that shipped, what it does, and what’s been fixed.

Security Insights provides actionable security recommendations for every Cloudflare account. To find these insights, we perform regular scans for all accounts, zones, and DNS records, looking for potential security risks and misconfigurations. However, two key issues emerged. First, our scans were too infrequent. Scans were only being performed every week or two, and therefore newly introduced security risks could remain undetected for up to two weeks.

Security teams have spent years securing human logins, service accounts, and machine identities. Agentic AI introduces a more autonomous class of software actor: systems that can plan, call tools, delegate tasks, and act across environments. This is a concern because most access models were built around static roles and pre-approved permissions. Multi-agent systems put a new spin on those assumptions.

From a fast-growing ransomware affiliate network to a politically motivated DDoS collective and a prolific data extortion group, these three threat actors represent distinct but pressing risks across sectors and regions. CYJAX breaks down what each group does, why they matter, and what security teams should know.

A manufacturer's most valuable assets rarely sit in a vault. They live in CAD files, chemical formulations, process parameters, supplier contracts, and tooling specifications that move every day between engineers, plants, partners, and contractors. That movement is what makes the business run, and it is also what makes trade secrets easy to lose. A departing engineer copies a design folder. A contractor forwards a spec sheet to a personal account.

Ransomware is a type of malware that blocks access to a victim’s system or network. Once the attack runs, it can encrypt selected files, lock systems, or disrupt access to business operations. Then, they demand a ransom in exchange for restoring access or providing a decryption key. In many cases, ransomware encrypts files so the victim cannot use them. Some ransomware can also lock systems or disrupt access to business operations.