Poor patch management, increasingly complex IT environments and continued use of obsolete software puts organizations at risk from cyber threats, says the Absolute Security 2026 Resilience Risk Index
Companies need better controls to manage key threats rising from the growth of agentic AI. These new features provide a starting point.
Unfortunately, there aren't many options unless you're Starlink Citing national security fears, America is effectively banning any new consumer-grade network routers made abroad.…
Aleksei Volkov sentenced after enabling attacks that cost victims millions A Russian national who sold the keys to corporate networks faces nearly seven years in a US prison after prosecutors tied his handiwork to a string of ransomware attacks costing victims millions of dollars.…
Russian cybercriminal Aleksei Volkov has received close to seven years behind bars for role in Yanluowang ransomware
The FBI has warned that Iranian hacking group Handala has been targeting opponents of the regime since 2023
'It freakin' worked' says Rob Joyce - and shows how relentless AI agents can find holes humans miss RSAC 2026 The now-infamous Anthropic report about Chinese cyberspies abusing Claude AI to automate cyberattacks was a Rorschach test for the infosec community, according to former NSA cyber boss Rob Joyce.…
Two cybersecurity leaders tested out AI in their respective SOCs for six months — and here's what they learned.
A threat actor used the open source security tool to deploy an infostealer into CI/CD workflows and steal cloud credentials, SSH keys, tokens, and other sensitive secrets.
Threat actors bypass security tools and use AI to launch faster ransomware attacks that exploit valid credentials and target data.
Here's where you ought to spend your security billable hours budget this year Strengthen your MFA policies, double-down on anti-phishing training, and for Jobs' sake, patch all your vulns right away. The past year of intelligence collected by Cisco's Talos threat hunters suggests that attackers are moving faster to exploit vulns, and fooling more staff than ever into giving up their credentials. …
The idea of a "human in the loop" in AI deployment was challenged during a security executive panel at the RSAC 2026 Conference this week.
ISACA survey found that confusion over responsibility and lack of understanding around AI cyber-attacks makes containing them difficult
Tycoon2FA phishing platform resumes activity post-takedown, leveraging AITM techniques to bypass MFA
High tech was the most frequently targeted industry in Mandiant investigations in 2025, overtaking financial services which led in 2023 and 2024
A phishing campaign targeting healthcare, government, hospitality, and education sectors in various countries uses several evasion techniques to avoid detection.
Claims it can analyze millions of daily events with 98 percent accuracy RSAC 2026 Google's Gemini AI agents are crawling the dark web, sifting through upward of 10 million posts a day to find a handful of threats relevant to a particular organization.…
New Trivy Docker images 0.69.5 and 0.69.6 compromised with TeamPCP infostealer, impacting CI/CD scans
Voice phishing is second most common initial access method across all IR probes, and top in cloud break-ins RSAC 2026 Voice phishing surged last year to become the second most common method used by cybercriminals to gain initial access to their victims' IT estate – and the No. 1 tactic used when breaking into cloud environments.…
Trio-Tech International initially said hack wasn't 'material,' but then stolen data was published Trio-Tech International initially shrugged off a ransomware attack at a Singapore subsidiary as immaterial, only to reverse course days later after discovering stolen data had been disclosed.…