Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cloud vs On-Premises SIEM: One or the Other or Both?

While Hamlet asked the existential question “to be or not to be,” most security teams ask an equally esoteric question that ultimately defines their ability to manage alerting and detection: “to deploy on-prem or in the cloud?” When adopting a security information and event management (SIEM) solution, organizations must make a foundational decision around whether to deploy the solution on-premises or in the cloud.

Cato CTRL Threat Research: Vulnerability Discovered in Open WebUI Enables Account Takeover and Remote Code Execution (CVE-2025-64496)

Cato CTRL’s Vitaly Simonovich (senior security researcher) has discovered a vulnerability (CVE-2025-64496 with a “High” severity rating of 7.3 out of 10) in Open WebUI in versions 0.6.34 and older. This flaw affects the Direct Connections feature, which lets users connect to external AI model servers (e.g., OpenAI’s API). If a threat actor tricks a user into connecting to a malicious server, it can lead to an account takeover attack.

DNS-PERSIST-01 validates a domain once to get certificates forever

With the ACME protocol, to issue a certificate you have to prove you control the domain. The CA gives you a challenge, you complete it, and they issue your cert. The trouble is that every validation method has tradeoffs. And as certificate lifetimes get shorter, those tradeoffs will get more painful. DNS-PERSIST-01 is a new approach coming in 2026 that trades proof-of-freshness for easier operations.

The new unit economics playbook for ecommerce operators

EcomWatch is a digital publication launched by experienced ecommerce entrepreneurs who believed the industry needed a news outlet built by people who actively run online stores. Its mission is to deliver timely, evidence-based insights across the ecommerce ecosystem. What follows reflects that operator lens: the hard levers that improve contribution margin and cash flow in a market where customer acquisition is pricier, fulfillment is more complex, and signal quality is noisier.

Insider Threats in The Finance Industry

Companies in the finance industry have to look out for a range of insider threats and insider fraud situations, for a number of reasons. There are particular liabilities in play for businesses that deal with financial data. These businesses and institutions are also governed by tighter compliance regulations.

How To Speed Up Insider Threat Investigations with Splunk

As insider threats become more common, cybersecurity experts need tools that make detecting and preventing them easier. One powerful tool is Splunk, a leading platform for security information and event management (SIEM). In this guide, we’ll explore how to use Splunk to improve your organization’s security against insider threats.

Best threat detection & response solutions for cloud-native applications in 2026

What is the best Threat Detection & Response for cloud-native applications? Traditional EDR isn’t enough for Kubernetes environments. Security teams need CADR (Cloud Application Detection and Response), which unifies application, container, Kubernetes, and cloud detection into a single platform that builds complete attack stories instead of siloed alerts. Why doesn’t traditional EDR work for Cloud-Native Applications?