Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Protecting minors online has become one of the most pressing, and complex, policy discussions in today’s digital landscape. As technology evolves, so too does the urgency to create safer digital environments. Regulators, platforms, and security leaders all share that objective. However, the way we attempt to achieve it is entering a new and far more intricate phase.

Attack Surface Monitoring has become a critical component of modern cybersecurity programs. As organizations scale their cloud environments, applications, APIs, and third-party services, so does their external attack surface. Every new cloud instance, API endpoint, marketing microsite, and third-party SaaS tool expands your perimeter. But there are two hard truths for security teams: You cannot protect what you don’t know exists, and you cannot secure what you don’t deeply test.

Modern IT and security teams no longer evaluate platforms in isolation. They ask how a platform fits into the architecture they run, the workflows they trust, and the outcomes they need to improve. Enterprise stacks are not isolated; they are interdependent. Identity shapes access, endpoint posture influences policy, while SIEM tools drive investigations and rely on shared data and context. AI tools introduce new layers and patterns of usage, risk, and data movement across the network.

A CVE lands in the morning. Hours later, attackers are exploiting it in the wild. The patch is not ready, the change window is days away, and the clock is already running. None of this is new. What changed is that vulnerability exploitation is now the most common path into organizations.

The Securonix Threat Research team has identified an ongoing espionage campaign, tracked as SHEETCREEP, where threat actors deliver a C# remote access trojan through a diplomatic-themed ISO phishing lure.

Artificial Intelligence continued to dominate the conversation, and content, but the key theme throughout the Gartner Security & Risk Management experience was a little bit more subtle. This year, CISOs from all across the globe came to connect, learn, and explore with peers, vendors, and Gartner, navigating individual and business resilience challenges.

Your team already knows the pattern. The on-prem SIEM is still running, but it's become a bottleneck instead of a force multiplier. Cloud logs arrive late or in partial form. SaaS activity sits in separate consoles. Endpoint and identity events don't line up cleanly. Analysts burn time pivoting across tools, then still end up asking whether the alert is real. That's why the conversation around SIEM on cloud has changed. It's no longer about chasing a newer deployment model.

Hong Kong’s Protection of Critical Infrastructures (Computer Systems) Ordinance (Cap. 653) represents a major shift in cybersecurity regulation. The law moves beyond traditional compliance exercises and places a much stronger emphasis on continuous operational resilience. For designated Critical Infrastructure (CI) operators, the challenge is no longer simply deploying security controls.

npm's next major release, v12, scheduled to land July 2026, will stop running dependency install scripts by default. We’re relieved to hear it. Turning off install scripts is the most useful change npm could make to its defaults. The community suffered a barrage of supply chain attacks in the last year, like Nx s1ngularity and Shai-Hulud, that exploited postinstall scripts. This npm update is a long-awaited change that will shrink a huge supply chain attack vector.