Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Aikido Attack finds multiple 0-days in Hoppscotch

Hoppscotch is an open-source API development ecosystem, similar to Postman, with over 100,000 monthly users. Two weeks ago, we set up a self-hosted instance and ran our AI pentest agents against it. They found two high-severity vulnerabilities and one medium-severity vulnerability, all present in versions up to and including 2026.2.1, and all patched in 2026.3.0: All three were responsibly disclosed and have been resolved. Note: We accidentally grouped the XSS and an Access Control issue into one report.

Multiple SAML/OAuth Providers in Atlassian Cloud: Skip the Enterprise Tier with miniOrange

Consider this: Your employees log in through Azure AD. Your contractors use Google. Your vendors authenticate via Okta. Your JSM customers are on AWS Cognito. Four identity systems. One Atlassian instance. And natively, only one identity provider is allowed. That is not a configuration oversight, it is a hard limit built into Atlassian Cloud.

Enterprise AI Security Use Cases: What Security Teams Are Solving For

Enterprise AI adoption is no longer a future problem. The average organization uses 54 generative AI (genAI) applications, and endpoint AI agent adoption is accelerating, with Cyberhaven research tracking 276% growth in 2025. Security programs have struggled to keep pace with either trend. The AI security gap is technical, not philosophical. Most organizations have AI acceptable use policies.

Building Smarter Virtual Assistants with Gemini 3 Flash API: AI for Seamless Workflow Automation

As teams become more distributed and workloads continue to increase, the need for effective automation tools has never been greater. Traditional methods of collaboration often fall short when it comes to handling repetitive tasks, managing high volumes of information, or providing real-time, intelligent support. That's where AI virtual assistants come in, changing how teams collaborate, streamline workflows, and boost productivity.

Why Is CMMC a Big Deal for DoD Contractors?

For DoD contractors handling Controlled Unclassified Information, CMMC 2.0 compliance and CMMC Level 2 certification are now required to meet DoD cybersecurity requirements. Key Takeaways How CMMC Has Evolved What Does This Mean for Your Organization? Now Certified as C3PAO Begin Your Own CMMC 2.0 Journey.

Top 5 Zero Trust Vendors in Cybersecurity in the United States

As cyber threats grow and become more threatening, businesses must shift to stronger, more proactive strategies to protect their data and networks. Zero Trust Security is one such approach gaining traction. Based on the principle of "never trust, always verify," Zero Trust continuously authenticates and authorizes every user and device before granting access to sensitive systems or data, regardless of whether they are inside or outside the network.

The Agentic Identity Crisis: Why Your AI Agents Are Your Biggest Identity Blind Spot in 2026

An intern gets admin access to production for a temporary task, but nobody remembers to revoke it. Imagine that intern works at machine speed, never sleeps, and can chain dozens of actions before you’ve read the Slack ping—and has no instinct for when they’re about to do something irreversible.

Why Entra ID Privileged Identity Management Breaks Down in Multi-Cloud Audits

For many enterprise security teams, audit season feels less like validation and more like reconstruction. Not because they lack logs, and not because their teams are careless, but because their privilege model was never designed to produce a clean, unified story. In Microsoft Entra ID environments, Privileged Identity Management (PIM), works well as long as your world is entirely Microsoft. But no enterprise operates in a single-vendor bubble.

Closing the MDR gap for MSPs: Acronis MDR by Acronis TRU available globally

Cybersecurity has entered a new operating reality. Threats are scaling faster, attack chains are becoming more complex and AI is accelerating both their frequency and sophistication. For MSPs, this creates a structural challenge: clients expect enterprise-grade protection, but most service providers don’t have the internal resources to operate a 24/7 SOC at scale. That’s where MDR comes in. But not all MDR services actually solve the problem.