Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Reduce SAST false positives with agentic evaluation and Bits Memories

Static application security testing (SAST) tools are intentionally conservative. Traditional scanners identify code that appears exploitable and flag the snippet for review, even when protections elsewhere in the application prevent exploitation. Although that approach helps teams catch vulnerabilities, it also creates false positives that consume developer time, slow remediation efforts, and make future alerts easier to dismiss.

Emerging Threat: (CVE-2026-55957) Apache Tomcat Authentication Bypass via JNDIRealm GSSAPI Binds

CVE-2026-55957 is a missing critical step in authentication in Apache Tomcat, present when the JNDIRealm is configured to authenticate binds using GSSAPI. The vulnerability carries a CVSS v3.1 base score of 9.8 (Critical), based on network attack vector, low attack complexity, no privileges required, and no user interaction.

Real-world attack surface monitoring at massive scale: how the UK Government protects over half a million public sector domains

Scaling application security and attack surface monitoring inside a single enterprise is a massive headache. In June 2026, the Department for Science, Innovation and Technology (DSIT) of the UK Government joined us on stage at Infosecurity Europe to share the reality of a challenge that puts even the largest corporate hurdles into perspective.

Continuous AI Pentesting: What We're Building, and What It's Already Finding

Over the past months, I’ve noticed a shift in customer conversations. Coverage, prioritization, emerging threats — those questions have given way to exposed MCP servers, unmanaged AI chatbots, and risks that don’t show up as CVEs. Mythos comes up in every other call. The calculus changed. AI now writes a quarter of production code, with twice as many vulnerabilities. The exploitation window collapsed from days to hours.

Emerging Threat: (CVE-2026-27577) n8n Remote Code Execution via Workflow Expressions

CVE-2026-27577 is a code injection flaw in n8n, an open-source workflow automation platform, that lets an authenticated user with permission to create or modify workflows run system commands on the host through crafted workflow expressions. The vulnerability carries a CVSS base score of 9.4 (Critical). Exploitation requires authentication, but only the level of access needed to build or edit a workflow, which is a routine privilege for many users of the platform.

Your Attack Surface Is Bigger Than You Think: Insights from the Arctic Wolf 2026 State of the Cybersecurity Attack Surface Report

Most security teams aren’t naive to the growing risk in their environment, but because of high event volume and asset visibility gaps, emerging risk dynamics have become increasingly challenging to act on. Arctic Wolf’s latest State of the Cybersecurity Attack Surface report puts real data behind the challenge.

Emerging Threat: (CVE-2026-53721) Nuxt Route-Rule Middleware Bypass via Case-Sensitivity Mismatch

CVE-2026-53721 is a route-rule middleware bypass in Nuxt, the open-source web development framework for Vue.js. It stems from a case-sensitivity mismatch between vue-router and the framework’s routeRules matcher, which lets an attacker reach a protected route by varying the casing of the request path. The vulnerability carries a CVSS v4.0 base score of 8.8 (High). Exploitation is pre-authentication and requires no user interaction.

Emerging Threat: (CVE-2026-49975) Apache HTTP Server Denial of Service via HTTP/2 Memory Exhaustion

CVE-2026-49975 is a memory exhaustion vulnerability in the mod_http2 module of Apache HTTP Server that allows a remote attacker to cause a denial of service through maliciously crafted HTTP/2 requests. It is classified as CWE-789, Memory Allocation with Excessive Size Value, and was publicly disclosed as part of an attack technique nicknamed the “HTTP/2 Bomb.” The vulnerability carries a CVSS v3.1 base score of 7.5 (High).

Sedara: Inside the Attack Surface - What to Expect in Your First 30 Days

What to Expect in Your First 30 Days: See what actually happens after deploying Attack Surface Management. In this first session of Sedara: Inside the Attack Surface, we walk through what organizations typically experience during the first 30 days of ASM deployment, from integrations and asset discovery to early detections, identity exposure, and remediation priorities. Learn how teams improve visibility, reduce exposure, and take a more proactive approach to cybersecurity.