Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Why Does Alert Overload Happen and How Can It Be Prevented?
You’re operating in a fast-moving cybersecurity environment. Every second, data flows, users log in, devices communicate, and threats lurk. Your tools are generating alerts—many of them valid, many more questionable. Before long, you face a constant tsunami of notifications. That’s where alert fatigue strikes: too many alerts, too little time, too much risk. When your team starts ignoring or delaying responses to alerts, the very purpose of your monitoring stack is undermined.
Securing AI: Why Vision Models Struggle with Transparency and Depth
Securing AI: Why Vision Models Struggle with Transparency and Depth In this clip from "Securing AI, Part 4," A10 security expert Madhav Aggarwal highlights a fundamental challenge still faced by even the most popular AI vision models and chatbots: transparent objects. Madhav explains how these corner cases—situations that are obvious to a human but complex for a machine—can easily throw an AI model "completely off.".
When Cybersecurity Fails: What Insurance Really Covers
Explore how MDR/MSP support, insurer incident response, PR, legal costs and ICO fines connect, and why SMEs need both controls and cover.
SessionReaper: Magento's Critical CVE-2025-54236 Breakdown
SessionReaper (CVE-2025-54236) is one of the most dangerous vulnerabilities discovered in Adobe Commerce and Magento Open Source. This pre-authentication flaw enables attackers to hijack customer sessions and, in many real-world setups, escalate to remote code execution (RCE), allowing them to drop persistent PHP web shells on your servers.
Tutorial: Get Started with WatchGuard Licensing
In this WatchGuard Support video, you'll learn how to activate and renew WatchGuard licenses.
The VPN Trap: Why Remote Access Is Failing You
VPNs were once the cornerstone of secure remote access. Today, they've become one of the easiest ways for attackers to slip inside your network. Outdated VPN tunnels facilitate credential theft, lateral movement, and data exfiltration, leaving IT teams confused and businesses vulnerable. In this session, WatchGuard experts will uncover the hidden risks of SSL VPNs and explain how a zero trust approach can eliminate those weaknesses. Learn how to deliver faster, safer, and simpler access for every user, without the overhead and risk of remote user VPNs.
Nightfall Product Updates & News: Fall 2025
Here's the latest product news and updates from Nightfall at a glance.
CTI roundup: RMM abuse, SesameOp, Google's 2026 Cybersecurity Forecast
Actors exploit RMM tools to target trucking and logistics companies, SesameOp uses the OpenAI Assistants API for C2 communications, and Google warns of rising adversary AI adoption in 2026.
CVE-2025-64446: Critical Fortinet FortiWeb Path Traversal Vulnerability Exploited to Create Administrative Accounts
On November 13, 2025, open source reporting began detailing active exploitation of a silently patched Fortinet FortiWeb vulnerability. The flaw is a path traversal issue in the FortiWeb web application firewall (WAF) that allows an unauthenticated threat actor to create new administrative users on exposed devices. The following day, November 14, Fortinet officially addressed the vulnerability in an advisory, tracking it as CVE‑2025‑64446.
FedRAMP Deviation Requests: When and How to Submit
FedRAMP is a government-wide program meant to ensure a standardized baseline for information security throughout the cloud service providers working with the federal government. It’s a tall order. Setting forth standards that are robust enough to cover all the bases, while being open and flexible enough to cover every CSP, is not easy.