%term

Continuous Vendor Risk Monitoring: Real-Time Cyber Risk Visibility with Bitsight

Dec 19, 2025 By Bitsight In BitSight

Gain real-time visibility into cyber risks across your entire vendor ecosystem with Bitsight Continuous Monitoring. Continuously track third- and fourth-party security performance, uncover hidden vulnerabilities, and identify high-risk changes before they impact your business. Powered by the industry’s most comprehensive cyber risk data, Bitsight helps security and GRC teams respond faster to critical threats—including zero-day vulnerabilities—while improving vendor collaboration and strengthening overall supply chain resilience.

View Video

BitSight

Read more about Continuous Vendor Risk Monitoring: Real-Time Cyber Risk Visibility with Bitsight

This or That. CEO Shares Favorite Cybersecurity Books in SecurityScorecard Bracket #cybersecurity

Dec 19, 2025 By SecurityScorecard In SecurityScorecard

This or That. Favorite Books of SecurityScorecard Bracket, Cyber Edition is BACK – but this time it's Security Books! �� CEO and Co-Founder of SecurityScorecard Aleksandr Yampolskiy has another list of books you'll want to grab for some winter break reading and relaxation. Which ones are you hoping end up in your stocking this year? Drop a comment with your favorites and recommendations below.

View Video

SecurityScorecard

Read more about This or That. CEO Shares Favorite Cybersecurity Books in SecurityScorecard Bracket #cybersecurity

An Industry Analyst's Take on Nucleus 3.0

Dec 19, 2025 By Nucleus Security In Nucleus

In this episode of Nucleus Conversations, industry analyst and researcher Jon Oltsik unpacks the current state of exposure management, why so many organizations still struggle to manage cyber risk at scale, and the impact the recent Nucleus 3.0 releases will have for customers.

View Video

Nucleus

Read more about An Industry Analyst's Take on Nucleus 3.0

Why MDR Matters for Building Cyber Resilience in Telecoms

Dec 19, 2025 By Nik Levantis In Obrela

Telecom networks are the backbone of the digital economy. They must deliver secure, always-on connectivity at scale, supporting everything from critical national infrastructure to everyday consumer services. But cyber resilience today is no longer defined by uptime alone. It is about the ability to withstand, detect, and respond to highly targeted cyber threats that are designed to exploit the very fabric of telecom environments.

Read Post

Obrela

Read more about Why MDR Matters for Building Cyber Resilience in Telecoms

Cybersecurity Predictions for 2026: Human Risk, AI Data Leaks, and the Next Big Breach

Dec 18, 2025 By Greg Pollock In UpGuard

Looking back at 2025, two mega-trends from the past have continued: First, data breaches remained a constant and continued to trend upward; and second, there was once again a headline disaster no one anticipated. The first point needs no elaboration; data breaches are like air pollution—an accepted nuisance that only occasionally becomes so severe that we wonder why we live like this. For the second point, I gesture toward the major incidents of recent years. MoveIt. Crowdstrike. Snowflake.

Read Post

UpGuard

Read more about Cybersecurity Predictions for 2026: Human Risk, AI Data Leaks, and the Next Big Breach

CultureAI Joins Microsoft's Agentic Launchpad: What This Means for the Future of AI Usage Control

Dec 18, 2025 By CultureAI Team In CultureAI

News AI Usage AI Risk Ria Manzanero Head of Marketing 18 December 2025 3 min read Share.

Read Post

CultureAI

Read more about CultureAI Joins Microsoft's Agentic Launchpad: What This Means for the Future of AI Usage Control

Looking Ahead to 2026: Why Cyber Economics Will Redefine the CISO's Mandate

Dec 18, 2025 By Jeff Gouge In Nucleus

Cybersecurity in 2026 will be driven by economics. Not hype. Not novelty. Economics. Attackers follow financial incentives and scale their operations faster than most enterprises can defend. CISOs must shift from reporting technical metrics to explaining business impact, guide safe AI adoption as Shadow AI grows, and design programs that emphasize resilience over perfection.

Read Post

Nucleus

Read more about Looking Ahead to 2026: Why Cyber Economics Will Redefine the CISO's Mandate

Why AppSec and Network Risk Management Must Be Unified in the Modern Enterprise

Dec 18, 2025 By Tiffany Jennings In Mend

How Mend.io’s ServiceNow integration helps organizations manage application, network, and operational risks together—at scale. Managing AppSec and network risk as separate programs is no longer realistic for enterprise security teams. Today’s digital environments are interconnected, distributed, and constantly changing. A single misconfiguration, unpatched server, or vulnerable open-source component can become a point of exploitation when combined with weaknesses elsewhere in the stack.

Read Post

Mend

Read more about Why AppSec and Network Risk Management Must Be Unified in the Modern Enterprise

CVE-2025-55182: First Days of React2Shell Exploitations

Dec 18, 2025 By João Godinho In BitSight

On December 3rd Lachlan Davidson disclosed an unauthenticated remote code execution vulnerability in React Server Components (RSC) that exploits how React.js (and Next.js) decodes payloads sent to React Server Function endpoints. On December 4th we started observing fingerprinting attempts for these vulnerabilities and on December 5th we started observing exploitation attempts. React.js is used by 66% of the global digital supply, in the top 0.06% of all technologies.

Read Post

BitSight

Read more about CVE-2025-55182: First Days of React2Shell Exploitations

Cyber Threat Intelligence Simplified: Introducing Bitsight Pulse

Dec 18, 2025 By Bitsight In BitSight

Drowning in threat data? You’re not alone. Bitsight Pulse turns overwhelming intel into clear, actionable insights — so you can see what matters and skip what doesn’t.

View Video