Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In January 2026, the GNU telnetd service from GNU InetUtils was found to be vulnerable to authentication-bypass by Simon Josefsson. Tracked as CVE-2026-24061, this flaw allows an attacker to establish a Telnet session without providing valid credentials, granting unauthorized access to the target system. The vulnerability exists all the way up to version 2.7-2 of the GNU telnetd service and, as indicated by Simon, looks like it was taken right out of the 90s.

To kick off 2026, I’m proud to share that we’ve released the inaugural edition of the SafeBreach State of the Breach Report. This report has roots going back over 11 years when SafeBreach was originally founded. Even then, our goal was always to empower security leaders to better understand the efficacy of their security programs and make data-driven decisions—no more guessing what to do.

Energy. Water. Finance. Healthcare. Transportation. Each of these sectors underpins the daily functioning of modern society—and each is now a potential attack vector for cyber attacks.

On December 4, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and the Canadian Centre for Cyber Security jointly released Malware Analysis Report AR25-338A analyzing BrickStorm malware, a sophisticated backdoor attributed to the People’s Republic of China (PRC) state-sponsored cyber actors.

Authors: Tova Dvorin, Senior Product Marketing Manager On December 10, 2024, the EU Cyber Resilience Act (CRA) officially entered into force, marking the start of a three-year runway before its main obligations apply on December 11, 2027. While that might seem distant, the reality is clear: compliance preparation must begin now.

Malicious threat actors don’t work a 9-to-5 schedule, and they definitely don’t take a break when your organization’s annual security assessments are complete. Instead, they constantly put your security posture to the test—day after day, month after month, all year long. That’s why annual penetration tests and periodic validation campaigns are insufficient in today’s threat landscape.

On November 13, 2025, the United States’ Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Department of Defense Cyber Crime Center (DC3), and Department of Health and Human Services (HHS) released a joint Cybersecurity Alert regarding Akira ransomware in conjunction with a number of additional authoring organizations, including Europol’s European Cybercrime Centre (EC3); France’s Office Anti-Cybercriminalite (OFAC)

A new threat campaign, codenamed BrickStorm and attributed to a China nexus group tracked as UNC5221, has security researchers sounding the alarm. This is a highly sophisticated espionage operation, and its most staggering feature is the adversary’s patience. The astonishing average time they remain inside a victim’s network before being detected is well over a year—393 days to be exact.

In the fast-paced world of cybersecurity, detection engineering is a growing discipline that helps organizations stay ahead of threats. But success isn’t just about having the right tools or detection workflows in place—it’s about making sure those tools speak the same language to help you scale your efforts and better understand your overall security posture. This is where parsers play a critical role.

With a background in philosophy, my transition into the world of cybersecurity as a penetration tester sparked a deep curiosity about the inner workings of the prolific cybercrime groups I saw in the news. To better defend against these groups, I needed to understand more about how they worked, specifically how they recruited people, vetted them, and turned their skills into a profitable business model.