Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CVE-2026-24061 is an authentication bypass vulnerability affecting the Telnet service provided by GNU Inetutils. The issue allows an unauthenticated remote attacker to bypass expected authentication checks and gain access to the Telnet service under certain conditions.

Today we’re excited to announce that Zenity now protects the most powerful, enterprise-critical coding assistants - Cursor, Claude Code, and GitHub Copilot - from build-time to runtime. As AI becomes a first-class developer tool, Zenity gives security teams the visibility and control they need to safely embrace coding assistants everywhere they’re used, in IDEs, CLIs or in the cloud.

In today's threat landscape, an effective endpoint protection platform (EPP) is the cornerstone of an organization’s security posture. Built on this foundation, the CrowdStrike Falcon platform has established itself as a pioneer of AI-native security, enabling organizations across every sector and size to unify and automate their defenses across endpoint, identity, cloud, and data.

This research is published following the public release of a fix and CVE, in accordance with coordinated vulnerability disclosure best practices. CVE‑2025‑60021, a critical command injection issue in Apache bRPC’s /pprof/heap profiler endpoint, was identified during broader analysis of diagnostic and debugging surfaces in the framework. The issue was discovered using Vulnhalla, CyberArk Labs’ AI tool that assists in triaging CodeQL results using an LLM.

Data privacy used to be the realm of hospitals, banks, and fervent devotees of the Fourth Amendment to the US Constitution. Something we knew we wanted but conceptually assumed wouldn’t affect most people. Our dependence on the Internet for almost all aspects of daily life has changed that. In 2026, data privacy and cybersecurity are deeply intertwined. Protecting sensitive information isn’t just about stopping hackers.

The security landscape is shifting. For the past two years, security teams have focused primarily on what users type into chatbots by monitoring interactions with ChatGPT, Gemini, and Claude. But a new risk vector is emerging, one that operates largely outside traditional security controls: AI agents accessing corporate data autonomously through the Model Context Protocol (MCP).

VMware offers a wide range of products, and understanding their different use cases may be overwhelming. In this blog post, we cover the differences between three commonly used technologies in VMware environments: It’s important to note that any ESXi vs. vSphere vs. vCenter comparison should start with a caveat: these technologies are complementary rather than substitutes for one another. NAKIVO for VMware vSphere Backup Complete data protection for VMware vSphere VMs and instant recovery options.

There is a moment that happens in every SOC (Security Operations Center) every day. An alert fires. An analyst looks at a dashboard and sees a UR: POST /vs/payments/proc/77a. And then they stop. They stare. And they ask the question that kills productivity: "What does this thing actually do?" Is it a critical payment gateway? A test function? Does it handle credit card numbers or just transaction IDs?

Adoption fraud can target hopeful families. Discover common scams, warning signs, and how to protect your adoption journey. Adoption fraud can blindside even the most prepared families, especially when emotions run high. Understanding common adoption scams and how to stay safe can help you move forward with more peace of mind. Adoption fraud is a scam in which someone uses deception to extract money, gifts, or emotional leverage from people hoping to adopt.