Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

CVE-2025-53521: F5 BIG-IP APM Vulnerability Reclassified as Unauthenticated RCE and Exploited in the Wild

Mar 31, 2026 By Arctic Wolf Labs In Arctic Wolf
On March 28, 2026, F5 updated its security advisory for a vulnerability impacting BIG-IP APM that was originally disclosed in October 2025 (CVE-2025-53521). The vulnerability was initially classified as a medium-severity denial-of-service (DoS) issue but has been reclassified as a critical remote code execution (RCE) vulnerability. F5 has stated CVE-2025-53521 is being exploited by unauthenticated remote threat actors to deploy web shells.
Read Post
securonix

Awards Don't Defend Networks. Execution Does.

Mar 31, 2026 By Securonix In Securonix
By: Simon Hunt, Chief Product Officer, Securonix Being named to CRN’s 2026 Security 100 list for the fourth consecutive year is something we’re proud of. It reflects the strength of our partners and the work our teams are doing every day. But recognition doesn’t stop a breach. It doesn’t reduce investigation time. It doesn’t help an analyst close a case faster at 2:00 a.m.
Read Post

AI Takes Over RSAC Conference (Now What?) with Dave Bittner

Mar 31, 2026 By Rubrik In Rubrik
In this RSAC 2026 Conference recap, Dave Bittner, Host of the CyberWire Daily podcast, joins Data Security Decoded host Caleb Tolin from the guest seat to discuss the biggest theme dominating the conference: artificial intelligence, and, more specifically, agentic AI. From wall-to-wall AI messaging across San Francisco to in-depth conversations with security leaders and analysts, one thing became clear: the industry has moved past debating whether AI will take hold. It already has. Now, the focus has shifted to making it safe.
View Video

Ransomware in Healthcare: It's Disruption, Distraction, and Data Theft

Mar 31, 2026 By Rubrik In Rubrik
Ransomware attacks are about disruption, distraction, and data theft happening at the same time. Nelson Carreira breaks down how modern threat actors operate. While one attack disrupts operations, another may be quietly exfiltrating sensitive data. That complexity is why healthcare organizations must prepare for recovery environments that allow clinical operations to continue safely while production systems are rebuilt.
View Video

Outpacing Modern Adversaries with the CrowdStrike Agentic SOC

Mar 31, 2026 By CrowdStrike In CrowdStrike
Adversaries are weaponizing AI, accelerating tradecraft and moving from access to impact at machine speed. As breakout times collapse to seconds, security teams cannot rely on manual processes or static automation to keep up. Meet the CrowdStrike Agentic SOC, a new operating model built for the AI era.
View Video
nightfall

Powering Wider Global DLP Coverage with Three New Detectors from Nightfall

Mar 31, 2026 By Chris Martinez In Nightfall
‍A DLP solution is only as strong as what it can detect. Gaps in detector coverage aren't just a technical inconvenience; they're exposure windows. Every format that goes unrecognized is a policy that can't fire, a remediation that can't happen, and a breach waiting to occur. Three new detectors are now available in Nightfall: personal photos (selfies and headshots), Malaysian Driver's License numbers, and South African National ID numbers.
Read Post
seemplicity

Secure the Supply Chain at Scale with Step Security and Seemplicity

Mar 31, 2026 By Kevin Swan In Seemplicity
CI/CD risks don’t get fixed on visibility alone. Step Security surfaces pipeline exposures, while Seemplicity turns them into clear, assigned remediation tasks, grouped by fix and owner, routed into existing workflows, and tracked through resolution, so teams can reduce exposure faster and prove progress.
Read Post
armo

Securing AI Agents on GKE: Where gVisor, Workload Identity, and VPC Service Controls Stop Working

Mar 31, 2026 By Shauli Rozen In ARMO
You enable GKE Sandbox on a dedicated node pool, bind Workload Identity Federation to your AI agent pods, wrap your data services in a VPC Service Controls perimeter, and deploy your agents with the Agent Sandbox CRD using warm pools for sub-second startup. Your security posture dashboard shows every control configured and active. And then an attacker uses prompt injection to trick an agent into exfiltrating sensitive data through API calls that every single one of those layers explicitly allows.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.