Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A critical stored XSS vulnerability (CVE-2025-10573) in Ivanti Endpoint Manager lets attackers poison the admin dashboard with malicious scripts, leading to session hijacking and device compromise. AppTrana blocks these malicious scan submissions at the edge, preventing stored XSS payloads from ever reaching the EPM dashboard, even before patching.

Many sensitive documents don’t fit cleanly into standard categories, and traditional approaches like regex or broad classifiers often create noise and false positives. In this video, we walk through how to use Nightfall’s prompt-based file classifiers to detect business-critical documents based on intent, not brittle patterns or custom model tuning.

Before investing in new security tools, it’s critical to understand what your current stack is actually delivering. Barmak Meftah spoke about the importance of baselining existing investments to truly grasp risk acceptance versus real risk exposure. Without that foundation, new acquisitions lack context and are often driven by trends rather than necessity. Smarter decisions come from understanding:︎ What is already deployed︎ How it is configured︎ Where exposure persists.

On this episode of The Cybersecurity Defenders Podcast we speak with Rebekah Skeete, Executive Director and CEO of BlackGirlsHack Foundation. Rebekah dives into how BGH is helping to increase diversity in cybersecurity by bridging the gap between what is taught in educational institutions and what is necessary for careers in cybersecurity.

AI dominated headlines this year and threat actor groups made bold moves in 2025. From threat actors like Imperial Kitten and scammers using tools like Sora AI to mimc real human voices to Congressional action on the PILLAR act and a $50 billion rural healthcare investment from the U.S. government, there are a lot of moments this year that make up Cyber Santa's Naughty and Nice List for 2025.

In this clip from This Week in NET, Systems Engineer Steve James gives a hands-on demo of a real-time multiplayer chess game running inside ChatGPT, built with the Agents SDK and Cloudflare Workers. Beyond the demo, we talk about what developers can build today with AI agents — and why, given the pace of innovation, it’s genuinely hard to predict what applications and experiences will emerge in 2026.

Optimism and pessimism are described as two sides of the same insanity, while real security work is grounded in facts and risk. Security professionals are often labelled pessimistic for focusing on problems, yet this mindset protects systems by facing threats without sugar coating or denial.

Different viewpoints and psychological safety improve both problem solving and emotional support in security teams. The clip highlights how rushing to fix other people’s struggles can backfire, and shows why listening without assuming you know the solution is often the most effective response.

This tutorial demonstrates how to set up the Google Drive Integration for monday.com, enabling seamless access to your Google Drive files directly within monday.com. With this app, you can view, search, and manage your Drive files without leaving your monday.com workspace. Experience smooth 2-way synchronization between Google Drive and monday.com for better collaboration and file management. With the monday.com Google Drive Integration, you can.

Are agentic AI threats just hype or reality? Security Visionaries host Max Havey digs into the world of agentic AI-enabled threats and cyber espionage with guests Neil Thacker, Global Privacy and Data Protection Officer at Netskope, and Ray Canzanese, Head of Netskope Threat Labs. IN THIS EPISODE.