Month: February 2026
7 posts
Risk, Severity, Threat Modeling, and Why You Need A Pentest
Vulnerability severity scores like CVSS are often mistaken for risk, but without understanding the more nuanced context, organizations cannot effectively prioritize remediation. Patryk Sipowicz, a penetration tester with Novacoast’s Attack Team, explains how penetration testing is the best method for accurately modeling relevant threats.
Is the “SaaS Apocalypse” Inevitable with the Advent of AI Coding?
We applied a fragility scoring model across three AI systems to evaluate how each assesses the risk of modern SaaS vendors being vulnerable to AI-driven replacement.
Top 10 Cybersecurity News (Feb. 16, 2026): Microsoft 365 Admin Center Outage Investigated as Security Event, CISA Adds Multiple Exploited Vulnerabilities to KEV Catalog, Trojanized 7-Zip Installer Spreads Proxy Malware, and More
Microsoft 365 Admin Center Outage Investigated as Security Event, CISA Adds Multiple Exploited Vulnerabilities to KEV Catalog, Trojanized 7-Zip Installer Spreads Proxy Malware, and 7 More.
Strong Incident Response Planning is the Difference Between a Mere Event and an Expensive Disaster
Incident response planning is the highest-value control in cybersecurity today, provided organizations commit to building, practicing, and continuously refining their playbooks.
Top 10 Cybersecurity News (Feb. 09, 2026): State-Sponsored Attackers Hijacked Notepad++, CISA Warns of Actively Exploited SmarterMail RCE, DKnife Linux Toolkit Used for Malware Delivery, and More
Notepad++ Supply Chain Hack Compromises Update Mechanism, CISA Warns of Actively Exploited SmarterMail RCE, DKnife Linux Toolkit Used for Malware Delivery, and 7 More.
Stop Being the Data Police
I didn’t choose to be in security. Security chose me. Throughout my IT career, people kept coming to…
Top 10 Cybersecurity News (Feb. 02, 2026): Two Million Android Devices Infected by Kimwolf Botnet, Microsoft Announces NTLM Authentication Protocol Deprecation, CISA Adds Five Vulnerabilities to Known Exploited Catalog, and More
Two Million Android Devices Infected by Kimwolf Botnet, Microsoft Announces NTLM Authentication Protocol Deprecation, CISA Adds Five Vulnerabilities to Known Exploited Catalog, and 7 More.