Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

JFrog Security Research found 3 zero-day critical vulnerabilities in PickleScan, which would allow attackers to bypass the most popular Pickle model scanning tool. PickleScan is a widely used, industry-standard tool for scanning ML models and ensuring they contain no malicious content.

Unexpected attacks are the hardest to fend off. In the realm of cyber, Zero Day vulnerabilities are among the greatest risks, as these software flaws are unknown and exploited before a fix is available, potentially compromising the thousands of organizations that are unwittingly using vulnerable software.

Application security is becoming increasingly fragmented. Development and security teams use a wide array of tools for testing, protection, and supply chain security. While each tool serves a purpose, they often operate in silos. This fragmentation creates a disconnected view of an organization’s security posture, making it difficult to prioritize and remediate risk effectively.

The network and information security directive 2 (NIS2) is an EU-wide cybersecurity law that contains strengthened cybersecurity regulations and is a general set of mandatory security requirements aimed at already identified critical and important sectors.

Claude Skills is a new feature from Anthropic that has gained rapid adoption, with more than 17,000+ GitHub stars already since its launch in October 2025, allowing users to create and share custom code modules that expand Claude’s capabilities and streamline workflows. But as this ecosystem grows, Cato CTRL uncovered a serious oversight into how Skills are executed.

Platform teams are tasked with keeping clusters secure and observable while navigating a skills gap. At KubeCon + CloudNativeCon North America, The New Stack spoke with Ratan Tipirneni, President and CEO of Tigera, about the future of Kubernetes security, AI-driven operations, and emerging trends in enterprise networking. The highlights from that discussion are summarized below.

In our hyperconnected landscape, software vulnerabilities are proliferating at a record pace. In 2024 alone, more than 40,000 Common Vulnerabilities and Exposures (CVEs) were published, marking a 38% increase over the previous year. Many of these vulnerabilities are weaponized within days, leaving organizations exposed if updates are not applied immediately. Patch management software addresses this risk by automating the detection, acquisition, and deployment of software updates across an IT environment.

When you decide to migrate your system, the goal is to move everything, including your operating system, applications, data and even personal settings, to a new storage device while preserving how things looked, worked and felt before. With the right migration software, you can easily do that and move from an older HDD to a faster new SSD, a larger HDD or a new computer with minimal effort and without spending countless hours manually rebuilding everything from scratch.

Synology and Acronis announced a joint collaboration to enhance customer data security. All Synology BeeDrive, BeeStation, and BeeStation Plus product lines now include a three-year license to Acronis True Image Essentials for one computer. This partnership enables users to perform full-system computer backups while maintaining complete ownership and control of their data through local storage.

Apache SkyWalking is one of the most widely adopted open-source Application Performance Monitoring (APM) and observability platforms, trusted by developers and DevOps teams to visualize telemetry, trace distributed systems, and ensure application uptime. However, a recently disclosed vulnerability has revealed that the very dashboards designed to improve visibility could be turned into attack vectors.