How to protect against OAuth-based supply chain breaches and credential sprawl
For security teams, credential sprawl is like dust; you don't notice it until it has accumulated.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
What cyber conflict reveals about power and doctrine, with Allie Mellen
Cyber conflict is easiest to misread when we treat it as an isolated technical event. In this episode of Chasing Entropy, Dave Lewis speaks with analyst and author Allie Mellen about her book Code War and why the cyber strategies of the United States, China, and Russia make more sense when viewed through the lens of history, doctrine, and political intent.
What we learned using AI agents to refactor a monolith
AI agents are increasingly used to refactor large codebases, but many teams lack a clear understanding of where they succeed and where they fail. At 1Password, we applied agentic tooling to a multi-million-line Go monolith, and in this blog we'll share what worked, what broke, and what it means for teams adopting AI in production systems.
Why Identity Security is Key To Managing Shadow AI
Employees are adopting Artificial Intelligence (AI) tools to enhance their productivity, but they rarely consider the security implications of doing so. When an employee pastes sensitive customer data into an unapproved AI tool, that data is processed by a third-party model outside the organization’s control, often leaving no audit trail for security teams to review.
Eliminate organization-wide credential risk
Many critical tools — social platforms, finance apps, and AI tools — can't be put behind SSO, leaving credentials shared over Slack, stored in spreadsheets, and reused across accounts. In this video, we walk through how 1Password extends identity security beyond SSO, giving teams like Marketing and Finance simple, secure access to shared credentials — while IT and Security gain the visibility, control, and auditability they need. Because attackers don't care about org charts, and now, neither do your security controls.
7 Practical Ways to Shrink Your Digital Footprint in 2026
The average internet user now leaks more personal data in a single day of routine browsing than most people disclosed in a decade two generations ago. Ad networks track page views, data brokers aggregate public records into sellable dossiers, and AI systems ingest everything from social posts to leaked databases to build inferred profiles of individuals. Privacy Rights Clearinghouse has catalogued more than 750 data brokers operating in the United States alone, and industry analysts estimate the broader data-broker economy will grow past half a trillion dollars by the end of the decade.
Beyond patching: Building a Mythos-ready security program
When Anthropic revealed the existence of Mythos, the frontier AI model they deemed too dangerous for public release, the security community was alarmed. And it’s not hard to see why: Mythos is capable of detecting software vulnerabilities at a previously unimaginable scale, and autonomously crafting exploits to weaponize these flaws. According to Anthropic, Mythos created 181 exploits of Firefox in testing, ninety times more than the company’s previous model (Claude Opus 4.6).
How Government Agencies Can Enforce Zero-Trust Security with Keeper
Zero trust is a cybersecurity framework built on the principle of “never trust, always verify,” meaning every user, device and session must be continuously verified for access to be granted and maintained. In federal environments, zero trust is especially critical because privileged accounts can provide access to sensitive systems, infrastructure and data.