Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Safeguard: Using the double-edged sword of AI for good
Examine the function of AI in security tools, and how this double-edged sword can be used for good or ill in the cybersecurity sphere. Plus, see its integration into an identity fabric and get a glimpse into its responsible use – paired with the human element – in One Identity Safeguard.
Immediate, Automated, Compliant Access Enforcement with Teleport JIT Watcher
A common request we hear at Teleport is for immediate Just-in-Time (JIT) access. Users shouldn't have standing access to resources, but they do need an audited escalation and approval process they can personally execute when access is required. This raises an important challenge: how do we ensure users only access the resources they truly need, without creating access sprawl or slowing teams down?
Securing Shadow AI: 6 Principles from Security Leaders Who've Been There
Everyone's racing to use AI right now. But securing AI adoption while maintaining productivity—getting visibility into shadow AI, educating employees without blocking innovation, and building governance that actually works—is harder than it looks. We recently hosted a discussion between Anant Mahajan, Head of Product at Nightfall, and Yunique Demann, VP of Information Security at TPx, to dig into the practical realities of AI governance.
FreePBX Authentication Bypass Leading to SQL Injection and RCE (CVE-2025-57819)
A new critical vulnerability has been identified in FreePBX, the widely adopted open-source, web-based graphical user interface for managing Asterisk PBX systems. Tracked as CVE-2025-57819, this flaw affects FreePBX versions 15, 16, and 17 and enables unauthenticated attackers to bypass administrator login controls. Once inside, threat actors can perform SQL Injection attacks that lead directly to remote code execution (RCE).
Secure More with Less: Achieving Cost Avoidance in Government with Keeper's Unified Platform
Government agencies are under increasing pressure to reduce operational costs while strengthening their defenses against costly cyber threats. Legacy systems and disjointed security tools lead to growing complexity, inefficiencies and higher expenses. Keeper Security offers a unified cybersecurity platform that eliminates the need for legacy Privileged Access Management (PAM) solutions, traditional password management, endpoint privilege management, remote access tools and secrets management.
How to Use the AI Security Assistant for Deeper Security Expertise and Context
In this demo, we will look at three different use cases for the AI Security Assistant including general security knowledge, ticket context and data visualization.
Interview: Building human & AI synergy with Peter Ruta, Founder / CEO of Arcanna.ai [242]
On this episode of the Cybersecurity Defenders Podcast we speak with Peter Ruta, Founder / CEO, Arcanna.ai.
Bridging the Gap Between IT and OT Cybersecurity in the Middle East's Critical Infrastructure
As the Middle East rapidly accelerates its digital transformation across sectors like energy, oil and gas, and manufacturing, the traditional gap between IT and OT cyber security is closing. Industrial operators now rely on interconnected systems to maximize efficiency, but this increasing convergence introduces new vulnerabilities that cannot be addressed in isolation.
Rounding up the best UK penetration testing providers
Picking "the best" pen testing partner depends on your systems, risk appetite, and evidence needs. This list focuses on UK providers with recognised assurance, proven technical depth, and clear reporting. We have prioritised CREST membership and, where relevant, NCSC CHECK status, because these are the fastest filters for competence in the UK public and regulated sectors. You will still want to run a proper scope, ask for a sample report, and meet the actual testers, but this short list will give you a strong head start.