Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

TeamPCP Supply Chain Attack Campaign Targets Trivy, Checkmarx (KICS), and LiteLLM (Potential Downstream Impact to Additional Projects)

The threat actor TeamPCP has recently launched a coordinated campaign targeting security tools and open-source developer infrastructure by pivoting with stolen CI/CD secrets and signing credentials (such as GitHub Actions tokens and release signing keys). At the time of writing, repositories for Trivy, Checkmarx, and LiteLLM have been impacted, and reports indicate that at least 1,000 enterprise software-as-a-service (SaaS) environments may be affected by this threat campaign.

Trustworthy AI Starts with Better Agents

The difference between an AI feature and an AI-led operating model becomes clear the moment a security problem becomes difficult. In real-world security operations — where the signal is ambiguous, the evidence spans multiple domains, and the attacker is behaving in unfamiliar ways — architecture matters much more.

The 9 Essential Requirements for an Enterprise Vulnerability Management System

The fastest way to reduce risk at enterprise scale is to standardize on a vulnerability and exposure management platform that unifies asset visibility, prioritizes what matters, and automates remediation workflows. In this article, we’ll break down the nine essential requirements security leaders should insist on when evaluating an enterprise vulnerability management system, whether it’s an existing tool in their tech stack or a potential new capability.

HIPAA + PCI for Healthcare Billing: Protecting Both PHI and Payment Card Data

When a patient logs into a billing portal, two of the most heavily regulated data types in the U.S. end up in the same browser session. PHI, such as health history, insurance providers, and diagnoses, renders right alongside the card entry fields the patient will use to pay. And with them load the third-party scripts that marketing manages: analytics, heatmaps, A/B testing, conversion tracking. These tools are how growth teams optimize revenue and product teams improve the experience.

GDPR Compliance Automation: What Can and Cannot Be Automated on Websites

Consent management platforms were a reasonable first answer to GDPR. Capture the choice, log it, and move on. For a while, that felt like compliance. It wasn’t. A logged preference and an enforced preference are two different things. When a user clicks reject all, the legal obligation isn’t just to record that click but also to ensure no tracking script executes after that. Tags, pixels, analytics calls, behavioral trackers: they all need to stop.

SIEM-as-a-Service offering leverages Elastic for unified cybersecurity across the US government

The US Cybersecurity and Infrastructure Security Agency (CISA) has launched a SIEM-as-a-Service (SIEMaaS) offering for federal civilian agencies, featuring Elastic Security on Elastic Cloud. SIEMaaS delivers a cloud-based platform for next-generation, AI-powered threat analytics, incident response, and open-standards-based cybersecurity data ingestion.