Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When we first launched DMARC Management, it was driven by a simple belief: every domain on the Internet deserves strong email authentication, and cost should never be the reason it doesn't happen. As part of our mission to help build a better Internet, we made DMARC Management available for free to every Cloudflare customer. We wanted to give everyone the tools to understand and improve their DMARC posture without needing to hire an email security consultant or parse XML report files by hand.

The gap between your last backup and a failure defines exactly how much data disappears. That gap is your recovery point objective (RPO), and teams running production workloads on OpenShift and KubeVirt find that most traditional DR tools simply don’t understand the environment well enough to close it. Near-zero RPO requires synchronous replication at the block level. Data must hit both your primary and DR site simultaneously.

Cato CTRL recently analyzed an operator’s command-and-control (C2) server’s entire 33 days operation, including the steps he took to preserve access after the takedown. 339 commands. Four French victims. Between March 30 and May 1, 2026, Cato CTRL studied every command issued by a French-speaking threat actor (“Poisson”) against one French automotive small business and four French individuals.

Article originally published in Green Sheet, June 15, 2026 As artificial intelligence rapidly reshapes the fraud landscape, financial institutions are under growing pressure to detect and stop increasingly sophisticated threats in real time. From AI-driven social engineering scams to evolving mule-account activity and instant payment fraud, traditional approaches to fraud prevention are being tested like never before.

The operational risk in threat intelligence is not missing a data source, it is misclassifying what that data means. This piece breaks down where the process fails, why threat actor attribution and dark web intelligence assessment require human analyst judgement, and how validated, attributed intelligence shortens breach lifecycles for CISOs and security teams.

On May 22, Brazil’s National Data Protection Agency (ANPD or Agência Nacional de Proteção de Dados) published new draft guidance on age assurance (aferição de idade) mechanisms. The guidance provides companies with their clearest picture yet of how to comply under the Digital ECA. Part of a broader rollout of Brazil’s Digital ECA framework, the guide emphasizes risk-based proportionality and privacy by design (privacidade desde a concepção).

Weekly cyberattacks now average 1,968 per week, up 18% year over year and 70% since 2023, while security teams still take an average of 277 days to identify and contain a breach, according to SentinelOne's cybersecurity statistics roundup. That combination changes the meaning of “real time” in security. It no longer means a dashboard that updates quickly. It means building detection and response so attackers don't get months of freedom between first access and containment.

Developer laptops are the most unmonitored credential store in your stack. GitGuardian's new Endpoint Protection finds every credential on every machine before infostealers do.

Your pipeline has an API testing stage. Your scanner runs on every build. A finding list comes back clean. And then something gets exploited in production that your pipeline ran past 47 times without flagging. Here's what happened: endpoint validation passed. Security didn't. They are not the same thing. Here's what that box doesn't capture: APIs don't fail in clean test environments.

CVE-2026-27577 is a code injection flaw in n8n, an open-source workflow automation platform, that lets an authenticated user with permission to create or modify workflows run system commands on the host through crafted workflow expressions. The vulnerability carries a CVSS base score of 9.4 (Critical). Exploitation requires authentication, but only the level of access needed to build or edit a workflow, which is a routine privilege for many users of the platform.