Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

At the end of 2023, Broadcom completed its acquisition of VMware, reshaping one of the most influential names in virtualization. This move introduced significant changes in licensing, product structure, administration and data protection. As Broadcom reorganizes VMware and its ecosystem, the effects are being felt across customers, partners and backup solution vendors.

VMware vSphere and Microsoft Hyper-V are two of the most popular virtualization platforms. Each solution uses different virtual disk file formats for virtual machines. This means you need to convert virtual disk files when moving VMs between VMware and Hyper-V. For example, you may need to migrate VMs between hypervisors for testing. In other cases, you may need to change the format if you’ve chosen the wrong one when creating the VM. Hyper-V uses VHD and VHDX for VMs, while VMware uses VMDK.

In March 2026, researchers began linking a series of software supply-chain compromises to Replicating Marauder, the BlueVoyant Threat Fusion Cell (TFC) primary identifier for the actor publicly tracked elsewhere as TeamPCP. What made the campaign stand out was that trusted software was poisoned and one compromise repeatedly appeared to enable the next by exposing credentials, release paths, or Continuous Integration and Continuous Delivery or Deployment (CI/CD) trust relationships.

AI Pentesting is having a moment. Well, several moments, actually. Every other week, another vendor announces something, or another LLM-driven pentesting tool tops some benchmark on a target nobody's heard of, another deck claims a new "gold standard" being disrupted, at long last... It's been busy.

Sample of assets impacted by NGINX nginx-poolslip vulnerability, identified by the CyCognito Platform.

CVE-2026-48172 is an incorrect privilege assignment flaw in the LiteSpeed User-End cPanel Plugin that allows any authenticated cPanel user to execute arbitrary scripts as root. The bug sits in the plugin's lsws.redisAble function, which can be invoked through the standard cPanel JSON API to run code with elevated privileges instead of the calling user's own. The vulnerability carries a CVSS v4.0 base score of 10.0 (Critical).

The classic 'survey reward' scam is back and hitting harder than ever. KnowBe4 Threat Labs is tracking a massive, high-volume campaign that is not only impersonating a wide array of trusted global brands across retail, logistics, and healthcare, but is using hundreds of newly registered domains (NRDs) and sophisticated psychological priming to fly past traditional security defenses.

Researchers at Push Security have analyzed a phishing platform used by organized criminal threat actors like ShinyHunters and BlackFile, finding more than 400 domains linked to attacks launched by the phishing kit.

Most guidance published on AI agent security is written for enterprise organizations. It assumes dedicated AI security functions, red teams, platform engineering groups, and the budget to commission purpose-built tooling. If your security team is three people covering five hundred employees and a cloud environment that grows faster than you can document it, that guidance was not written for you. The five posts in this series have established the threat landscape.