Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Compliance with data sovereignty regulations in New Zealand can be complex to navigate, especially for organisations operating hybrid or cloud deployments. Managed service providers (MSPs) and small and medium enterprises (SMEs) in New Zealand that want to take advantage of the benefits of the cloud must make sure they’re in compliance with regulations.

One of the most insidious security risks isn't a sophisticated attack, it's the endpoint that stops reporting. A sensor that appears enrolled but hasn't sent telemetry in hours or days represents a critical blind spot. Whether due to network issues, system shutdown, agent crash, or intentional tampering, these silent sensors deserve immediate attention.

Kubernetes applications often rely on Persistent Volume Claims (PVCs) to store critical data, from databases to user uploads. Losing this data due to cluster failures or accidents can be catastrophic for DevOps teams. In this post, we’ll walk through how to safeguard your Kubernetes PVCs using CloudCasa, a backup-as-a-service platform.

An engineer gets a notification at 2 a.m. because something in production is broken. They need database access right away. For many teams, that access is already sitting there. Standing permissions granted for a past need that no longer exists. Credential abuse is still the most common way for a breach to start. It accounts for roughly 22% of initial attack paths, which is actually ahead of vulnerability exploitation at 20%. In many cases, attackers are not breaking in or exploiting a flaw.

Let’s get right to it: Razorthorn Security helps organisations achieve and maintain PCI DSS compliance through expert consultancy, gap analysis and preparation for formal assessment and has been recognised by Gartner as a market leader in PCI DSS QSA services. If you’re handling payment card data, you’ll need qualified support to navigate the 500+ controls that PCI DSS demands.

On February 2, 2026, the Notepad++ open source project disclosed new details about a supply chain compromise that impacted its update delivery infrastructure between June and December 2025. The attack was attributed to state-sponsored threat actors with links to China. In this campaign, the threat actors had gained access to a third-party hosting provider used by Notepad++ to distribute updates.

Artificial intelligence (AI) is no longer an experimental capability in cybersecurity; it is foundational to modern security operations. Organizations are operating in environments defined by cloud-first infrastructure, remote and hybrid workforces, SaaS sprawl, and identity-centric attack patterns. At the same time, threat actors increasingly rely on automation and AI to accelerate reconnaissance, credential abuse, and post-compromise activity.

If one autonomous agent is useful, it is natural to ask whether many agents working together could be dramatically more effective. Over the last few weeks, the AI community has been testing this idea in practice by running large numbers of agents in coordinated swarms. The early results are clear: swarms can be far more capable than individual agents, but only under the right conditions.

Article updated and refreshed February 3rd, 2026. Because the tools you’ve deployed aren’t the same as the ones you’re using. Security teams today aren’t short on tools. Most environments are packed with security controls—spanning email, identity, network, endpoint, and cloud. But despite this abundance, risk remains stubbornly high. Attacks continue to land. Exposure persists. The problem isn’t the absence of controls. It’s the lack of control over the controls.

Article updated and refreshed February 3rd, 2026. When ideal controls aren’t possible, intentional alternatives help reduce exposure. Most security teams know what the “right” controls look like on paper.But real-world environments rarely match the blueprint. Between legacy systems,limited staffing, and overlapping tools, the gap between what’s ideal and what’s feasible is often wide. That’s where compensating controls come in. They aren’t shortcuts.