Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Over the past months, I’ve noticed a shift in customer conversations. Coverage, prioritization, emerging threats — those questions have given way to exposed MCP servers, unmanaged AI chatbots, and risks that don’t show up as CVEs. Mythos comes up in every other call. The calculus changed. AI now writes a quarter of production code, with twice as many vulnerabilities. The exploitation window collapsed from days to hours.

CERT-In just published a risk-based remediation framework that resets expectations for every organisation operating in India. The timelines are worth reading twice: Now consider one question: if a known exploited vulnerability appeared on your internet-facing application at 11pm tonight, what would your team do in the next 12 hours?

Oracle has disclosed CVE-2026-35273, a critical vulnerability in PeopleSoft Enterprise PeopleTools that has already been exploited by threat actors. The vulnerability allows unauthenticated attackers to remotely compromise vulnerable systems and potentially achieve remote code execution, putting exposed PeopleSoft environments at immediate risk. What makes this vulnerability especially concerning is that attackers exploited it as a zero-day before Oracle released a patch.

Small and medium businesses are increasingly exposed to email-based attacks that rely on compromised accounts and trusted communication patterns. In a typical business email compromise scenario, attackers gain access to an executive’s email account and monitor communication over time. This allows them to understand how financial requests are handled and when key individuals are unavailable. At the right moment, they send emails that appear legitimate.

Organizations continue investing heavily in cybersecurity tools, yet many security operations centers (SOCs) still struggle with alert fatigue, investigative delays, and inconsistent response outcomes. The issue is not necessarily a lack of technology. In many environments, it is the opposite. As security stacks expand, operational complexity often expands with them.

Elastic has been named a Strong Performer in The Forrester Wave: Extended Detection And Response Platforms, Q2 2026 report. The report recognized our SIEM-replacement capabilities, open data architecture, AI innovation, and endpoint protection. Here's what Forrester found and why we believe it reflects what we've been building.

When the weather starts to get warmer, it is a sign that summer time is around the corner. But just as the weather heats up and travel plans get booked, scammers capitalize on the season by performing nefarious schemes to separate victims from their money and other valuables. Recent McAfee research found that more than one in three Americans have experienced a travel-related cyberthreat, with 41% of those affected losing money, often costing victims over $500.

Phishing attacks are evolving faster than traditional training programs can keep up. Advances in AI — including generative tools — are making attacks more dynamic, personalized, and harder to detect. At the same time, agentic AI for phishing security training is reshaping how programs improve, enabling them to adapt to user behavior and shifting risk in real time.

If everyone owns cybersecurity, no one really owns it.

An AI agent with access to a customer’s brokerage account can begin executing trades. Not because the customer asked. Because someone, somewhere upstream, slipped a hidden instruction into a tool the agent loaded at startup. The agent is doing exactly what it was told. Just not by the customer. This is not a hypothetical. It is the attack class that financial security teams have exactly zero legacy tooling to catch and it is arriving precisely as banks accelerate their agentic AI ambitions.