Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

OAuth is a commonly used authorisation framework, that allows websites and web applications to request limited access to a user’s account on another application. Users can grant this limited access to their account, without ever needing to expose their password with the requesting website or application. This is commonly seen with sites that allow you to log in with popular accounts such as a social media login, Microsoft or Google account.

During independent security research, a CSS injection vulnerability (CVE-2026-26000) was identified in the XWiki platform. XWiki is an open-source enterprise wiki and collaboration platform commonly used for internal documentation and knowledge management. According to XWiki, the platform has over 8,000 active installations and is used by organisations such as Lenovo and Amazon, meaning vulnerabilities can affect a large and diverse user base.

The rapid adoption of Large Language Models (LLMs) is transforming how SaaS platforms and enterprise applications operate. From embedded copilots and automated support agents to internal knowledge-base search and workflow automation, organisations are increasingly integrating LLM APIs into existing services to deliver faster and more intuitive user experiences.

Traditional penetration testing has long been a cornerstone of cyber assurance. For many organisations, structured annual or biannual tests have provided an effective way to validate security controls, support compliance requirements, and identify material weaknesses across infrastructure, applications, and external attack surfaces.

A recently disclosed vulnerability, tracked as CVE-2026-1731, affects BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA). The flaw is rated critical, with a CVSS v4 score of 9.9 according to the National Vulnerability Database. BeyondTrust published advisory BT26-02 confirming that an unauthenticated remote attacker may be able to execute operating system commands by sending specially crafted client requests.

Cyber insurance is now a routine part of organisational risk management, particularly for organisations with complex IT estates and growing digital exposure. As cyber incidents continue to drive operational disruption and financial loss, insurers are placing greater emphasis on understanding the true level of cyber risk they are underwriting through insurance risk assessments. For senior IT leaders, this often creates friction.

During independent security research conducted as part of the Wordfence Bug Bounty Program, we identified a broken access control vulnerability in the SupportCandy plugin for WordPress. SupportCandy is a helpdesk and customer support ticketing plugin that enables organisations to manage user-submitted support requests directly within their WordPress environment, including the ability to upload files and exchange attachments through ticket replies.