Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Many healthcare organizations want to move workloads to AWS but stall because they’re uncertain how to maintain HIPAA compliance in the cloud. The good news: AWS provides the tools and certifications needed for HIPAA-eligible services. The challenge is implementing them correctly. AWS has been HIPAA-eligible since 2013 and currently offers over 150 services that can be used in HIPAA-compliant architectures. But eligibility doesn’t equal compliance.

This blog analyses 2026, examining how pro-Russian hacktivist groups targeted UK government, financial, and transport organisations in response to geopolitical support for Ukraine.

Vendor fatigue doesn’t happen overnight. It builds slowly until one day you realize your security stack has become a security problem. The good news? You don’t have to live with it.

A recent University of North Carolina Wilmington study tested whether general-purpose large language models could infer CVSS v3.1 base metrics using only CVE description text, across more than 31,000 vulnerabilities. The results show measurable progress, but they also expose a hard limit that matters far more than model selection: Model quality helps, but missing context sets a ceiling on reliability.

Leading secrets security platform sees accelerated adoption across Fortune 500, with 60% of new customers choosing multi-year commitments.

The OWASP Top 10 is usually presented as a list of technical failures. Broken access control. Injection. Insecure design. Misconfiguration. Each category points to something that went wrong in the application. What it doesn’t say explicitly is what was actually at risk when it went wrong. In most real incidents, the answer is not “the application.” It’s the data inside it. Sensitive data is the reason attackers care about OWASP failures in the first place. Credentials.

I’m delighted to announce CrowdStrike’s intent to acquire Seraphic, the leader in browser runtime security. With this acquisition, we will extend the power of the CrowdStrike Falcon platform into the browser to enforce security within sessions across any browser, on any device. The browser is already the operating system of the enterprise workforce, connecting apps, data, and identity.

Automotive engineering teams are being asked to deliver faster, with less tolerance for failure. Software-defined vehicle programmes, secure OTA rollouts, zonal and service-oriented architectures, and continuous feature delivery are now baseline expectations. In parallel, regulatory pressure is increasing — from WP.29 (R155/R156), ISO/SAE 21434, and the forthcoming EU Cyber Resilience Act — tightening requirements around software integrity, traceability, and lifecycle governance.

Acronis is introducing Acronis Archival Storage, a new S3-compatible cloud storage tier built specifically for long-term data retention, compliance and cost optimization. This addition strengthens the Acronis Cyber Protect Cloud platform by giving MSPs a complete, integrated solution that spans the entire data lifecycle from active protection on PCs and disaster recovery to long-term, compliant data archiving.

Do you know what it takes to launch a retail website that neatly organizes products and enables customers to add items to their carts with a single click? Do you know what powers the booking system your clients rely on? What is the hidden engine that manages your clients’ logistics, controls their supply chain, processes invoices and stores data for analytics and compliance? These are the systems MSPs are trusted to keep running every day. Critical servers.