Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Continuous Compliance at Scale with Agentic AI
Most MSSPs are spending analyst hours on compliance work that doesn't show up on an invoice. A client comes on board with HIPAA or CMMC requirements, someone manually audits detection rules and telemetry against framework controls, documents what's missing, and builds a remediation plan. Then the next audit cycle starts and you do it again, across every tenant, every framework, every year.
Celebrating 12 Years of Project Galileo
Check out this special video where we heard from Trey Guinn, one of our long-time Cloudflare volunteers who worked directly with organizations protected under Project Galileo.
Top 7 Claude Skills for Developers
Over 78% of developers are using Claude for coding, but almost everyone is leaving its single most powerful feature switched off: Claude Skills. In this video, we break down what Claude Skills are, how they use "progressive disclosure" to keep your context window light, and the 7 best engineering skills you can install this week to completely supercharge your workflow.
Turning Asset Visibility Into Risk Reduction
Most vulnerability programs rely on scanning known assets and ranking findings based on static severity scores. That model breaks down quickly in modern environments. Asset lists are constantly changing, devices move between networks, workloads shift into cloud platforms, and unmanaged systems appear outside traditional inventory controls. When asset visibility is incomplete, vulnerability data is incomplete as well. The result is predictable. Prioritization becomes inconsistent.
Cyberhaven Selected for Anthropic's Cyber Verification Program to Advance Defensive AI Security Research
Anthropic has selected Cyberhaven for its Cyber Verification Program, an application-based program that supports legitimate defensive cybersecurity work involving advanced AI capabilities. The approval gives designated Cyberhaven teams access to advanced AI capabilities with fewer interruptions from default safeguards for certain high-risk, dual-use cybersecurity tasks, subject to Anthropic's applicable policies and program requirements.
From Brand Impersonation to Account Takeover: The ATO Attack Chain
Brand impersonation account takeover (ATO) happens when attackers use fake brand assets to expose customers, harvest credentials, and attempt access on the legitimate site. The impersonation stage happens outside the enterprise’s login environment, but the ATO risk appears when stolen credentials, attacker devices, or exposed users reach the legitimate login environment. That distinction matters because brand impersonation and account takeover are often handled as separate problems.
Recall Brings Implicit Learning to the SOC
AI SOC memory is the difference between an investigation that starts from your team’s history and one that starts from zero. In most security operations centers, there is none: context disappears the moment a case closes. When a new alert fires, the investigation effectively starts from zero.
The Month the AI Supply Chain Broke: Six Cybersecurity Incidents That Shook May 2026
May 2026 will be remembered as the month the AI developer toolchain itself became the primary attack surface. A single threat actor — TeamPCP — ran a nine-day campaign that started as a worm in open-source packages, escalated through a poisoned code-editor extension, and ended inside GitHub’s own infrastructure.
AI, Security, and the Reality of Machine-Speed Risk
The recent White House executive order on advancing artificial intelligence innovation and security sends a clear signal about how leaders are framing the future. What stands out most in the executive order is the recognition that AI and cybersecurity are now inseparable. One cannot succeed without the other. While national security is a prominent example, this convergence extends to every organization that depends on digital systems.