Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Hyperautomation Transforms MSSP Cybersecurity Trends in 2026
See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster. Request a Demo Fareed Cheema is the Global Head of Sales Engineering at Torq, leading worldwide pre-sales strategy, execution, and technical innovation. Over the past 3.5 years, he has helped scale Torq’s technical and go-to-market teams while driving customer success in a rapidly changing security automation market.
Getting the Right People to the Table
Implementing Microsoft Purview is not just an IT project – it’s a company-wide transformation that touches nearly every aspect of how your organization manages, protects, and governs data. Success requires aligning diverse perspectives and building consensus across teams. The initial push for Purview can come from many departments. If you are leading the effort, identifying who needs to be involved and understanding why their input matters will be key to driving buy-in and long-term success.
React2Shell: The Frontend Vulnerability That Unlocks Your Internal APIs
The cybersecurity world is currently buzzing about React2Shell (CVE-2025-55182), a critical remote code execution (RCE) vulnerability affecting React and Next.js. The scale of the threat is massive: researchers have already identified over 77,000 vulnerable IP addresses exposed to the internet, and confirmed that state-sponsored actors and opportunistic crypto miners have already breached at least 30 organizations. But if you look closely, this isn't really a story about React.
CTI roundup: Hybrid 2FA phishing, RomCom, MuddyWater
Hybrid 2FA phishing threatens enterprises, RomCom uses SocGholish to deploy Mythic Agent malware, and MuddyWater targets critical infrastructure with evolving tactics.
KubeVirt installation on public cloud/upstream clusters
The default node pool VMs (worker nodes) in Azure do not have Intel virtualization extensions (VT-x) enabled. When trying to create a guest VM, you will see that the kubevirt VM pod will be unschedulable with the following error message: To fix this, you need to create a new node pool using an Azure VM flavor that has VT-x extensions. (those from the Ds_v3 series all have them)
MSSP Quality Measures 2025: What Businesses Should Expect
The role of an MSSP has evolved beyond just providing alert monitoring services. Many businesses today are looking for MSSPs who can respond to cyber incidents quickly and provide excellent support. Business owners understand how quickly cybercriminals can break into their systems. Because of this, they want more than an MSSP that only provides monitoring. They want to ensure that their MSSP's quality of service meets expectations.
The OWASP Top 10 for Agentic Applications: A Milestone for the Future of AI Security
The OWASP GenAI Security Project has officially released its Top 10 for Agentic Applications, the first industry-standard framework focused on the operational risks created by autonomous and semi-autonomous AI systems. AI has evolved in a way that directly changes how enterprises need to think about security. We started with machine learning systems designed to classify and predict.
CMMC Level 1 & 2 Compliance Guide: Endpoint Security & Access Control
The Cybersecurity Maturity Model Certification (CMMC) is more than a checkbox, it’s a mandatory requirement for contractors doing business with the U.S. Department of Defense (DoD). In both Level 1 and Level 2, endpoint security, device control, and monitoring play a critical role in preventing unauthorized access and data leakage of Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).
AI, Creators & Agentic Commerce - A Conversation with Cloudflare CSO Stephanie Cohen
In this episode of This Week in NET, host João Tomé sits down with Stephanie Cohen, Cloudflare’s Chief Strategy Officer, for a candid conversation about AI, content creators, financial services, partnerships, and the future of the Internet. Stephanie shares how Cloudflare is helping keep the Internet open and resilient — from giving creators transparency and control over AI scraping, to enabling new models of agentic commerce through partnerships with Visa and Mastercard, to empowering organizations of all sizes through Cloudflare’s global network.
Burnout in Cybersecurity: Preparing Cyber Staff for the Reality, Not Just the Role
Is burnout in cybersecurity inevitable, or are we finally learning how to prevent it?