Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! At what point did they think the changes were good before moving to production? While I’m not blown away by AI, blaming it for process failure muddies the issue.

A simple guide for understanding how ASM actually supports your security program. We often hear organizations ask.

Last month, the Mexican government was hacked. 150GB of government data was stolen, including 195 million taxpayer records. This attack exploited a couple of dozen vulnerabilities across ten institutions. In the past, this would have likely taken a skilled team months to crack. But of course, we’re living in a new age. This attack was executed by one person and their Claude Code assistant.

Dropbox was one of the first cloud storage companies to provide online storage, backups, and sharing for people looking to store their files online. It has since grown its product to include more features, and offers cloud storage for personal to enterprise use. However, Dropbox has a past of security breaches, data leaks, password leaks, and sharing data without user consent. We go into details about these incidents and the following topics within this article.

Your CNAPP flags a misconfigured service account. Your CSPM warns about an overly permissive IAM role. Your container scanner reports vulnerabilities in a model-serving image. But none of these tools can tell you that an AI agent just called an internal admin API it has never touched before — or that a prompt injection caused your LLM to leak customer data through a RAG connector.

Your SOC gets three alerts in quick succession: an unusual outbound connection from a container, a file read on a Kubernetes service account token, and a process spawn that doesn’t match the workload’s baseline. Three different tools, three separate dashboards, three tickets.

Security teams are being asked to do more than ever, often with fewer people and less time. As alert volumes continue to rise and adversaries automate their attacks, even mature SOCs struggle to keep pace. Legacy tools surface signals, but they still leave analysts responsible for triage, investigation, and response decisions that take time and experience to execute well. CrowdStrike Charlotte AI was built to change that model.

Let’s start by drawing a strong distinction between what LimaCharlie does and what others offer in their AI SOCs. LimaCharlie's Agentic SecOps Workspace is an architecture that integrates AI as part of the security fabric. It's agentic AI security you own and control, not a black box you subscribe to. We introduce an easily deployable SOC-as-code approach that increases your control and capabilities.

Bell Ambulance, Inc. is the largest ambulance service provider in Wisconsin, headquartered in Milwaukee. Founded in 1977, the company operates a fleet of 86 ambulances from 11 stations and employs more than 750 medical professionals who respond to approximately 140,000 service calls annually throughout Milwaukee, Waukesha, and Racine counties in Southeastern Wisconsin. The company provides Basic Life Support, Advanced Life Support, and Critical Care transport services.

Ericsson Inc. is the U.S. subsidiary of Telefonaktiebolaget LM Ericsson, a Swedish multinational telecommunications company founded in 1876. Headquartered in Stockholm, the parent company is a global leader in mobile connectivity hardware, software, and services for telecommunications operators and enterprises. Ericsson specializes in 5G, 6G, Internet of Things, artificial intelligence, cloud computing, and serves public safety, utilities, manufacturing, government, and military sectors.