%term

Introducing Detectify Internal Scanning for internal scanning behind the firewall

Feb 3, 2026 By Detectify In Detectify

Detectify Internal Scanning is an internal vulnerability scanning solution that brings Detectify’s proprietary crawling and fuzzing engine behind your firewall. Built for AppSec and DevOps teams, it enables authenticated testing of internal applications, admin panels, staging environments, and microservices, all from a single, unified platform. Teams can now monitor both internal and external vulnerabilities side by side, without slowing down release cycles.

Read Post

Detectify

Read more about Introducing Detectify Internal Scanning for internal scanning behind the firewall

Notepad++ Publishes Full Details of 2025 Compromise

Feb 3, 2026 By Andres Ramos In Arctic Wolf

On February 2, 2026, the Notepad++ open source project disclosed new details about a supply chain compromise that impacted its update delivery infrastructure between June and December 2025. The attack was attributed to state-sponsored threat actors with links to China. In this campaign, the threat actors had gained access to a third-party hosting provider used by Notepad++ to distribute updates.

Read Post

Arctic Wolf

Read more about Notepad++ Publishes Full Details of 2025 Compromise

Cyberthreat Detection: Key Steps Every Company Should Take

Feb 3, 2026 By SecuritySenses In SecuritySenses

Today, an organization's survival is intrinsically linked to its cybersecurity posture. Proactive cyberthreat detection has transitioned from a technical best practice to a core business imperative. With adversaries employing increasingly sophisticated methods, from AI-driven phishing campaigns to fileless malware and stealthy lateral movement, relying solely on preventive controls can be a recipe for failure. A robust detection strategy is what separates companies that suffer prolonged breaches from those that contain incidents swiftly.

Read Post

SecuritySenses

Read more about Cyberthreat Detection: Key Steps Every Company Should Take

A Supply Chain Attack in Notepad++

Feb 2, 2026 By Tanium In Tanium

Executive Summary: The Notepad++ update process was compromised by a supply chain attack, and users are strongly advised to upgrade to version 8.8.9 or later to ensure their security.

Read Post

Tanium

Read more about A Supply Chain Attack in Notepad++

The Secret to Secure AI Code

Feb 2, 2026 By Snyk In Snyk

AI is revolutionizing software development, but it’s also generating code faster than humans can review. In this video, we dive into the three biggest security risks of AI code generation and show you how to automate your defense using Snyk Studio. Learn how to enable Secure At Inception to catch vulnerabilities in real-time within your IDE.

View Video

Snyk

Read more about The Secret to Secure AI Code

Emerging Threat: CVE-2026-24858 - FortiCloud SSO Authentication Bypass

Feb 2, 2026 By Amit Sheps In CyCognito

CVE-2026-24858 is an authentication bypass vulnerability affecting FortiCloud’s Single Sign-On (SSO) implementation. Under certain conditions, the flaw allows an unauthenticated attacker to bypass standard authentication checks and gain access to FortiCloud services without valid credentials. The root cause is tied to insufficient validation within the SSO authentication flow, where trust boundaries between identity assertions and session establishment are not enforced strictly enough.

Read Post

CyCognito

Read more about Emerging Threat: CVE-2026-24858 - FortiCloud SSO Authentication Bypass

Snyk Advisor is Reshaping Package Intelligence on Snyk Security Database

Feb 2, 2026 By Noa Yaffe-Ermoza In Snyk

Choosing safe, healthy open source dependencies shouldn’t require jumping between tools or piecing together context from multiple places. Developers and AppSec teams need package health signals exactly where security decisions already happen. This is why we’re bringing Snyk Advisor data into security.snyk.io.

Read Post

Snyk

Read more about Snyk Advisor is Reshaping Package Intelligence on Snyk Security Database

Staying PCI DSS Compliant: The Annual Checklist

Feb 2, 2026 By Sri Vidhya Mathuram In Outpost 24

Payment Card Industry Data Security Standard (PCI DSS) compliance isn’t a once-a-year exercise; it’s a year-round effort that requires regular validation to protect cardholder data, manage risk, and maintain audit readiness throughout the year. Compliance failures are rarely caused by a single missing control.

Read Post

Outpost 24

Read more about Staying PCI DSS Compliant: The Annual Checklist

Cloud Vulnerability Scanner - 90% Signal, 10% Noise #cybersecurity #ytshorts #cybersecuritycompany

Feb 2, 2026 By Astra Security In Astra

View Video

Astra

Read more about Cloud Vulnerability Scanner - 90% Signal, 10% Noise #cybersecurity #ytshorts #cybersecuritycompany

Context-Driven Security - AI is Collapsing Exploit Timelines

Feb 2, 2026 By Nucleus Security In Nucleus

In a joint webinar with leaders from Nucleus, Cycode, and HackerOne, HackerOne product manager Kyle Mativier explains how advancing AI capabilities are collapsing how long it takes attackers to exploit seemingly low to medium severity vulnerabilities.

View Video