%term

From Scanner to Stealer: Inside the trivy-action Supply Chain Compromise

Mar 20, 2026 By Adam Cardillo - Ben Ellett - Travis Lowe - Radu-Emanuel Chiscariu In CrowdStrike

While investigating a spike in script execution detections across several CrowdStrike Falcon platform customers, CrowdStrike’s Engineering team traced the activity to a compromised GitHub Action named aquasecurity/trivy-action. This popular open-source vulnerability scanner is frequently used in CI/CD pipelines.

Read Post

CrowdStrike

Read more about From Scanner to Stealer: Inside the trivy-action Supply Chain Compromise

SIP Trunking Security in 2026: What Enterprises Must Know Before Their Next Breach

Mar 19, 2026 By SecuritySenses In SecuritySenses

Telecom fraud exceeded an estimated $41.82 billion in losses in 2025 - and a substantial share of that exposure runs directly through SIP trunks. The SIP trunking market itself reached $73.14 billion that same year, and is projected to more than double to $157.91 billion by 2030, according to Mordor Intelligence. That collision of rapid adoption and surging fraud is not a coincidence. Enterprises are migrating voice infrastructure to IP-based systems faster than security teams are adapting their threat models to cover them. In 2026, SIP trunking is business-critical infrastructure.

Read Post

SecuritySenses

Read more about SIP Trunking Security in 2026: What Enterprises Must Know Before Their Next Breach

How Attackers are Hijacking SaaS in 2026

Mar 17, 2026 By foresiet In Foresiet

Think back to the old image of a “cyberattack”: a hacker in a dark room trying to smash through a digital firewall to reach a dusty server. In 2026, that’s a relic. Today, the most dangerous threat actors aren’t breaking into your house; they’re walking through the front door with a copied key.

Read Post

Foresiet

Read more about How Attackers are Hijacking SaaS in 2026

So Many AI Attacks, It Made Quantum Seem Easy

Mar 17, 2026 By Roger Grimes In KnowBe4

As I was writing my latest book, How AI and Quantum Impact Cyber Threats and Defenses, I was hit by how many theoretical and real attacks there are involving AI. There are attacks committed by AI and attacks committed agsinst AI, and I’m not sure which category is bigger.

Read Post

KnowBe4

Read more about So Many AI Attacks, It Made Quantum Seem Easy

Are AI Security Tools the New EDR? Attackers Are Treating Them That Way

Mar 17, 2026 By Emma Stevens In BitSight

AI security tools are no longer just defensive layers. They are high value targets being studied, fingerprinted, and bypassed much like traditional endpoint detection and response (EDR) platforms and antivirus solutions were in their early days. The speed and scale at which these tools are being deployed makes reactive defense increasingly unsustainable.

Read Post

BitSight

Read more about Are AI Security Tools the New EDR? Attackers Are Treating Them That Way

Cyber Warfare Comes to West Michigan: What the Stryker Cyberattack Means for Manufacturing

Mar 17, 2026 By Matt Kahle In SecuritySenses

In March 2026, one of West Michigan's most recognizable manufacturers found itself at the center of a major cybersecurity incident. Medical technology company Stryker, headquartered near Grand Rapids, experienced a widespread cyberattack that reportedly disrupted systems across its global network.

Read Post

SecuritySenses

Read more about Cyber Warfare Comes to West Michigan: What the Stryker Cyberattack Means for Manufacturing

Scorched Earth: Wiper Attacks are the New Face of Cyber War

Mar 13, 2026 By Chris Clements In CISO Global

Sure, they would vastly prefer targeting organizations in the opponent’s supply chain (which is why new requirements like CMMC are absolutely crucial), but every organization that is affiliated with or operates in the adversary’s territory becomes a target no matter how large or small.

Read Post

CISO Global

Read more about Scorched Earth: Wiper Attacks are the New Face of Cyber War

The Stryker Cyberattack: Why Endpoint and Mobile Device Monitoring Matter

Mar 13, 2026 By Jeff Darrington In Graylog

Recent reports of a cyberattack targeting medical device manufacturer Stryker highlight a growing challenge for modern organizations: maintaining visibility across every device connected to their networks. The Michigan-based healthcare technology company reported a global network disruption affecting its Microsoft environment following a cyberattack.

Read Post

Graylog

Read more about The Stryker Cyberattack: Why Endpoint and Mobile Device Monitoring Matter

What You Need to Know about the Stryker Cyberattack

Mar 13, 2026 By IDStrong In IDStrong

Stryker Corporation is a Fortune 500 medical technology company headquartered in Kalamazoo, Michigan. Founded in 1941, Stryker manufactures surgical equipment, orthopedic implants, neurotechnology, hospital beds, and robotic surgery systems. The company employs approximately 56,000 people globally and reported over $25 billion in revenue for 2025. Stryker's products reach more than 150 million patients annually across 61 countries.

Read Post

IDStrong

Read more about What You Need to Know about the Stryker Cyberattack

Meeting European Data Protection Standards in CRM Systems

Mar 13, 2026 By SecuritySenses In SecuritySenses

If your business involves working with people in Europe, then it is likely that you are already familiar with the General Data Protection Regulation (GDPR). This system has revolutionized how businesses operate in regard to people's information since it was introduced. Not only does information need to be protected against breaches, but people's rights to their information must be respected. For most businesses, it is the CRM system that houses information. It is therefore important to ensure that your CRM system complies with these regulations in Europe. This is not just a technical requirement; it is a business imperative.

Read Post