Articles about cybersecurity

Despite the expanding use of browser extensions, the majority of enterprises and individuals still rely on labels such as ‘Verified’ and ‘Chrome Featured’ provided by extension stores as a security indicator.

However, new research from SquareX points up architectural flaws in how browser security tools work which mean they’re unable to detect or prevent the latest advancements in malicious browser extension attacks.

Continue reading →

A new study reveals that that 90 percent of leaders find managing cyber risks harder today than they did five years ago, resulting in higher reports of burnout (47 percent), including more than one in ten who say they’re on the verge of quitting.

The report from Bitsight shows the leading causes of poor cyber risk management, and therefore burnout, include an explosion of AI (39 percent), and rapidly expanding attack surfaces (38 percent).

Continue reading →

According to Gartner 33 percent of enterprise applications are expected to incorporate agentic AI by 2028, but are their security teams equipped with the latest training and technology to protect this new attack surface?

We spoke with Ante Gojsalić, CTO and co-founder at SplxAI to uncover the hidden dangers in agentic AI systems and what enterprises can do to stay ahead of the malicious looking to exploit them.

Continue reading →

On its own artificial intelligence isn’t a solution to cybersecurity issues, but new data from Hack The Box, a platform for building attack-ready teams and organizations, reveals that cybersecurity teams are increasingly beginning to adopt AI as a copilot for solving security challenges.

Based on real-world performance data from over 4,000 global participants in Hack The Box’s Global Cyber Skills Benchmark, a large-scale capture the flag competition, the report highlights how cyber teams are starting to use AI as a teammate to their security staff.

Continue reading →

Traditional runtime security solutions have tended to focus on detection and as a result generate thousands of low-fidelity alerts. Edera is launching what it says is a new software security category aimed at ending the era of 'move fast and break things'.

Edera's ‘hardened runtime’ provides production-grade sandboxing that assumes a breach before it occurs. This architectural approach eliminates the root causes of privilege escalation, lateral movement, and data exfiltration while dramatically reducing operational overhead for security teams.

Continue reading →

While 79 percent of organizations are already using AI in production environments, only six percent have implemented a comprehensive, AI-native security strategy.

This is among the findings in the new AI Security Benchmark Report from SandboxAQ, based on a survey of more than 100 senior security leaders across the US and EU, which looks at concerns about the risks AI introduces, from model manipulation and data leakage to adversarial attacks and the misuse of non-human identities.

Continue reading →

New survey data reveals that 49 percent of organizations with privileged access management report fewer security incidents tied to privilege misuse.

The report from Keeper Security, based on a global survey of 4,000 IT and security leaders in the United States, Europe and Asia, explores the motivations driving PAM adoption, the most common obstacles to deployment and the features enterprises consider essential for securing access in today’s cybersecurity threat landscape.

Continue reading →

Newly released research from cybersecurity platform Cynet shows managed service providers (MSPs) are facing growing operational strain as they race to meet demand for cybersecurity services.

While cybersecurity services are driving growth and deepening client relationships, most MSPs are hitting operational roadblocks, held back by fragmented tools, limited automation and lean security teams.

Continue reading →

New research from FireMon shows that 60 percent of enterprise firewalls fail high-severity compliance checks immediately upon evaluation, with another 34 percent falling short at critical levels.

Using data collected anonymously from AI-powered analytics platform FireMon Insights deployments across large enterprises and regulated industries, the study found misconfigurations, outdated rules, and bloated policies that bog down performance and leave security teams struggling to keep up.

Continue reading →

Cybercriminals are increasingly using sophisticated identity-based attacks (phishing, social engineering, leveraging compromised credentials) to gain access as trusted users and move laterally across systems undetected.

We spoke to Cristian Rodriguez, field CTO, Americas at CrowdStrike, about the company’s recent research into these attacks and now organizations can defend against them.

Continue reading →

According to Verizon’s 2025 Data Breach Investigations Report, API-related breaches have increased nearly 40 percent year-on-year, with broken authorization cited as one of the most exploited flaws.

Now though Intruder, a leader in attack surface management, has launched Autoswagger -- a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities.

Continue reading →

A new survey of 1,000 IT, security, and engineering professionals across North America uncovers a fractured landscape of legacy VPNs, slow manual processes, and overlapping tools -- with 99 percent of respondents saying they'd like to redesign their company’s access and networking setup from the ground up.

The study from Tailscale also shows that 83 percent of IT and engineering professionals admit to bypassing security controls in order to get their work done. Also worrying is that 68 percent say they have retained access to internal systems after leaving a previous employer, revealing critical gaps in offboarding and identity lifecycle management.

Continue reading →

Security teams today are overwhelmed by fragmented data, inconsistent tagging, and the manual burden of translating findings into fixes.

A new release of the Seemplicity platform introduces an AI Insights feature along with Detailed Remediation Steps, and Smart Tagging and Scoping, three new capabilities that use AI to solve some of the most painful and time-consuming cybersecurity tasks.

Continue reading →

A new report from Abnormal AI shows cybersecurity leaders and frontline analysts agree that artificial intelligence is now central to the future of the security operations center (SOC).

The report, titled Human-Centered AI: Redefining the Modern SOC, is based on a survey of nearly 500 professionals across the United States and United Kingdom and reveals that every respondent sees AI as the top business priority for the SOC.

Continue reading →

According to a new report 45 percent of MSPs admit to having a dedicated pool of money set aside for ransomware payments. This is despite increasing pressure from insurers and global governments to avoid paying ransoms to stop fueling criminal enterprises and encourage proactive resilience.

The findings, from cyber risk specialist CyberSmart, also show that 36 percent opt to protect themselves with cyber insurance instead. Worryingly though, 11 percent of MSPs say they have no dedicated budget for ransomware payments or cyber insurance, in many cases leaving them without a contingency plan.

Continue reading →