Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Online safety starts with password security. We partnered with Tech With Benefits to share how a password manager can make all the difference.

In Episode 6 of Corelight DefeNDRs, we delve deeper into the fascinating world of DNS covert channels with Vern Paxson, our chief scientist and co-founder. Continuing from our previous discussion, Vern shares his insights on techniques developed to detect these stealthy channels utilized by intruders to evade security measures. We explore the innovative approach of leveraging time series analysis of DNS lookups, how to distinguish benign traffic from potential threats, and the real-world implications of our findings across significant datasets.

CVE-2025-59287 is a critical WSUS remote code execution (RCE) vulnerability that allows attackers to take over vulnerable Windows Server Update Services instances without authentication. With a CVSS score of 9.8, the flaw exploits unsafe deserialization, enabling remote attackers to execute arbitrary code with high impact.

Cut through vulnerability noise! Learn how Tanium Comply’s new Exploit Intel, Endpoint Criticality, and Detected Products help you prioritize and remediate faster. What you’ll learn: Why CVSS alone isn’t enough How EPSS and exploit maturity change the game Dynamic criticality rules for business impact Detected Products for pinpoint remediation Visualize risk with the Exploitability Dashboard.

AI systems are moving fast, sometimes faster than the guardrails meant to contain them. In this episode of Security Matters, host David Puner digs into the hidden risks inside modern AI models with Pamela K. Isom, exploring the governance gaps that allow agents to make decisions, recommendations, and even commitments far beyond their intended authority.

In his first prediction for 2026, Ev explains why that strategy is about to fail. We used to let microservices run anonymously because we had bigger fires to fight. But when all software becomes autonomous AI, anonymity is a risk you can't afford. If your software behaves like a human, why separate it from your human identity strategy? The future isn't "NHI." It's a Unified Identity Layer where humans and non-humans are managed as equals.

How Agentic AI Creates Shadow APIs: Security Risks Explained As businesses move from static applications to Agentic AI, the security landscape is shifting beneath our feet. In this clip from the A10 Networks webinar, "APIs are the Language of AI: Protecting Them is Critical," experts Jamison Utter and Carlo Alpuerto discuss a new frontier in cybersecurity: AI that builds its own APIs.

Discover how Arctic Wolf partners with Amazon Web Services (AWS) to deliver cutting-edge, AI-powered Security Operations Center (SOC) capabilities and advanced security incident response solutions. This video explores how Arctic Wolf leverages AWS cloud infrastructure and artificial intelligence to provide: Learn how this powerful combination enhances your organization's security posture, reduces response times, and protects against evolving cyber threats through intelligent automation and comprehensive managed detection and response (MDR) services.

A newly disclosed vulnerability in the workflow automation platform n8n, tracked as CVE-2026-21858 and rated CVSS 10.0, allows unauthenticated remote attackers to fully compromise exposed instances. Two malicious Chrome extensions impersonating a legitimate product from AITOPIA were found exfiltrating sensitive user data, including full AI chat histories, according to a report from OX Security. The recent U.S. military operation in Venezuela that led to the capture of President Nicolás Maduro may have included cyber operations, but official confirmation of cyber’s role remains ambiguous.