AI isn’t what’s going to be the hot topic of the next year; it’s going to be data breaches in the supply chain and the cost that companies face by not reacting quickly to this emerging threat. The cyber attack on Change Healthcare, one of the world’s largest health payment processing companies, illustrates this point. Change Healthcare was a clearing house for 15 billion medical claims annually—accounting for nearly 40% of all claims.

Ahead of the new US federal fiscal year beginning October 1, the Office of Management and Budget (OMB) and the Office of the National Cyber Director (ONCD) released a memorandum titled Administration Cybersecurity Priorities for the FY 2026 Budget. The memo outlines a comprehensive roadmap for federal agencies and provides crucial guidance for agency heads as they formulate their fiscal year 2026 budget submissions in furtherance of the National Cybersecurity Strategy.

Lax security measures in the software development lifecycle (SDLC) can lead to severe financial repercussions for organizations. The Verizon 2024 Data Breach Investigations Report highlights this growing risk, stating, "Our ways-in analysis witnessed a substantial growth of attacks involving the exploitation of vulnerabilities as the critical path to initiate a breach when compared to previous years.

Are you aware of cyber risks in DevOps and how they can impact your business? Turn on the DevOps Backup Masterclass Podcast to join our host ⁠Gregory Zagraba⁠ and explore the biggest cyber threats to DevOps environments, including GitHub, GitLab, Bitbucket, and Jira with an ultimate review of the Top 2023 risks.

The high-profile case of hiQ Labs Inc vs LinkedIn Corporation (that took place in the US) shed light on the much-discussed data scraping legal issues. We know you don’t want to get lost in legalese. So, we have prepared an easy-to-read summary of the most important points of this decision. The court sided with the scraper and established that scraping public data is not a violation of the CFAA (Computer Fraud and Abuse Act).

A new Cross-Site Request Forgery (CSRF) vulnerability has been discovered in PowerAdmin. This vulnerability poses a significant risk, potentially compromising user data and disrupting the designated functionality across roles.

Working as a contractor for the federal government means complying with a wide range of rules. Some of these are large, obvious, and well-enforced, like the security frameworks we so often discuss here on the Ignyte blog. Others are small rules, scattered throughout disparate memos and resources, and it can sometimes be easy to forget them – or not even know them at all. And, of course, it doesn’t help matters that these rules can change from time to time.