Top 10 Cybersecurity News (Mar. 2 2026): APT37 Deploys Malware Against Air-Gapped Networks, UFP Technologies Confirms Theft of Business Data, UNC2814 Espionage Campaign Hits Telecom & Govt, and More
APT37 Deploys Malware Against Air-Gapped Networks, UFP Technologies Confirms Theft of Business Data, UNC2814 Espionage Campaign Hits Telecom & Govt and 7 More.
From Checklists to Continuous Assurance – The Evolution of Third-Party Risk
Matthew Mudry shares his experience and perspective on the evolution of third-party risk from his presentation at the Innovate Cybersecurity Summit in Scottsdale 2025.
Top 10 Cybersecurity News (Feb. 23 2026): PayPal Data Breach — Exposed PI for Months, AI-Assisted Hacker Breaches 600+ Fortinet Firewalls, Mississippi Medical System Ransomware Disrupts Clinics, and More
PayPal Data Breach — Exposed PI for Months, AI-Assisted Hacker Breaches 600+ Fortinet Firewalls, Mississippi Medical System Ransomware Disrupts Clinics, and 7 More.
Risk, Severity, Threat Modeling, and Why You Need A Pentest
Vulnerability severity scores like CVSS are often mistaken for risk, but without understanding the more nuanced context, organizations cannot effectively prioritize remediation. Patryk Sipowicz, a penetration tester with Novacoast’s Attack Team, explains how penetration testing is the best method for accurately modeling relevant threats.
Is the “SaaS Apocalypse” Inevitable with the Advent of AI Coding?
We applied a fragility scoring model across three AI systems to evaluate how each assesses the risk of modern SaaS vendors being vulnerable to AI-driven replacement.
Top 10 Cybersecurity News (Feb. 16, 2026): Microsoft 365 Admin Center Outage Investigated as Security Event, CISA Adds Multiple Exploited Vulnerabilities to KEV Catalog, Trojanized 7-Zip Installer Spreads Proxy Malware, and More
Microsoft 365 Admin Center Outage Investigated as Security Event, CISA Adds Multiple Exploited Vulnerabilities to KEV Catalog, Trojanized 7-Zip Installer Spreads Proxy Malware, and 7 More.
Strong Incident Response Planning is the Difference Between a Mere Event and an Expensive Disaster
Incident response planning is the highest-value control in cybersecurity today, provided organizations commit to building, practicing, and continuously refining their playbooks.
Top 10 Cybersecurity News (Feb. 09, 2026): State-Sponsored Attackers Hijacked Notepad++, CISA Warns of Actively Exploited SmarterMail RCE, DKnife Linux Toolkit Used for Malware Delivery, and More
Notepad++ Supply Chain Hack Compromises Update Mechanism, CISA Warns of Actively Exploited SmarterMail RCE, DKnife Linux Toolkit Used for Malware Delivery, and 7 More.
Stop Being the Data Police
I didn’t choose to be in security. Security chose me. Throughout my IT career, people kept coming to…
Top 10 Cybersecurity News (Jan. 26, 2026): APAC Energy Firm Hit by Dire Wolf Ransomware, AI-Led Espionage Campaign Uses Autonomous Agents, Pwn2Own Automotive 2026 Uncovers 76 Zero-Day Flaws, and More
APAC Energy Firm Hit by Dire Wolf Ransomware, AI-Led Espionage Campaign Uses Autonomous Agents, Pwn2Own Automotive 2026 Uncovers 76 Zero-Day Flaws, and 7 More.