Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Big changes to HIPAA are coming in February 2026 including new rules on how sensitive health data is handled, and updates to the required patient privacy notices. IT teams will play a key role in making sure those protections are actually enforced.

DevOps teams did not sign up to be security teams. But if you run repos, CI/CD, cloud roles, SaaS apps, integrations, or backups, you operate the systems attackers lean on. Most breaches are not flashy. They start with routine failures: a token left in a repo, MFA not enforced, an overprivileged API key that never expires, or backups that are deletable by the same admin identity. Attackers do not need to “break in” if they can log in.

When most security teams think about insider risk, they immediately picture the malicious actor: the disgruntled employee downloading a customer list before quitting, or the rogue developer leaking source code to a competitor.

MITRE ATLAS has become a critical resource for cybersecurity leaders navigating the rapidly evolving world of AI-enabled systems.Traditional threat models are built for human-initiated workflows, APIs, and infrastructure, so they are no longer sufficient to describe modern AI attacks..

Over the last year, Model Context Protocol (MCP) servers have transitioned from "cool developer experiments" into critical production infrastructure. Developers love them because they allow AI agents to open tickets, query databases, and update records with almost zero integration backlog. But there is a fundamental truth we must acknowledge before moving forward: The AI revolution is actually an API revolution.

User-installable extensions for Visual Studio Code, Cursor, and other Integrated Development Environments are an increasingly exploited attack vector, with new malicious extensions discovered almost weekly. Do you have visibility and control?

On January 7, 2026, Trend Micro released a critical patch for Apex Central on-premises versions below Build 7190, addressing multiple vulnerabilities. The most severe of the vulnerabilities disclosed is CVE-2025-69258, a critical severity vulnerability, which allows unauthenticated threat actors to load malicious DLLs and execute arbitrary code as SYSTEM without user interaction. The advisory also includes two medium-severity denial-of-service vulnerabilities, CVE-2025-69259 and CVE-2025-69260.

Many attacks start without drawing attention. Nothing looks obviously wrong at first. It could be through a reused password or an exposed service that allows attackers to gain access to their systems. Sometimes, a well-crafted email is all that's needed. By the time security teams notice something is wrong, attackers have already been inside for days or weeks. This poses a huge challenge for many security teams. They often use multiple tools and conduct manual checks to find signs of intrusion.

AI-generated phishing emails now achieve a 54% click-through rate against just 12% for human-crafted messages. No, that is not a typo! With AI, attackers are now 4.5x more effective at breaching and bleeding your defences. Secondly, phishing attacks have surged by over 1,265% since ChatGPT’s launch in 2022, enabling cybercriminals to launch campaigns at unprecedented scales. The harsh reality?

99% of organizations faced API security issues in the past 12 months. Yet only 10% have an API posture governance strategy in place to actually defend against them. What makes this worse is that 95% of API attacks now come from authenticated sources. Traditional defenses built around authentication are failing. Shadow APIs and zombie APIs operate undetected while businesses manage an average of 660 endpoints with little visibility.