Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DuneSlide: Two Critical RCE vulnerabilities via Zero-Click Prompt Injection in Cursor IDE

Cato AI Labs has discovered two critical remote code execution (RCE) vulnerabilities in Cursor IDE, the popular development environment which, according to Cursor, is used by over half of the Fortune 500. Both RCE vulnerabilities, which we refer to as “DuneSlide,” achieved a 9.8 CVSS score, involve breaking out of the IDE’s sandbox environment, and were assigned CVE IDs CVE-2026-50548 and CVE-2026-50549.

And another one. GitHub ships break-glass credential revocation

Last week, GitHub released self-service credential revocation for Enterprise. The feature lets organization owners cut off compromised credentials across the entire organization in one action instead of trying to track down individual tokens during an active incident. This fix was a long time coming, as the past few months have shown what happens when revocation is slow or incomplete.

From ISDN to AI - Two Veterans on How Defence in Depth Has Changed

Defence in depth has evolved every time the technology landscape has shifted. The internet, virtualisation, cloud, SaaS. AI is the next shift, and the old model isn't keeping up. Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this episode, I'm joined once again by Martin Voelk, co-founder of SpartanX and an ethical hacker with nearly 26 years in cybersecurity.

Reflectiz to Host Webinar, Joined by Taboola, on Securing Third-Party Marketing in the AI Era

Reflectiz, the web exposure management platform, today announced a live webinar with Taboola, "Securing Third-Party Marketing in the AI Era," taking place July 8 at 9 AM EDT / 3 PM CEST. Every marketing vendor a company approves can silently introduce third and fourth-party scripts that no security team ever reviewed. In the AI era, that invisible layer is expanding faster than point-in-time audits can track. The gap between what an organization approves and what actually executes on its site is where data leakage, regulatory exposure, and compliance failures happen.

OpenMatter Network Introduces Verifiable Trust Layer for Secure Collaboration and AI Agents

OpenMatter Network today announced the launch of its cryptographically verifiable platform for secure collaboration and AI governance, built on a simple premise: Don't Trust Data. Prove It. For decades, organizations have relied on trust-based assumptions to secure data, execute workloads, and govern digital systems. But as data becomes increasingly distributed and AI agents begin operating autonomously across organizations, applications, and networks, those assumptions are being tested in new ways.

AI Is Breaking Defence in Depth Faster Than We Can Fix It

This episode explores how defence in depth is changing in an AI-enabled business world, where code-driven systems, supply chain risk and offensive AI are moving faster than defenders can react. It looks at why human-in-the-loop is failing, why visibility still comes too late, and what modern cyber defence needs to become next.

Six Five Media: Navigating Cloud Complexity, Security, and Infrastructure Change with 11:11 Systems

Enterprise leaders are not facing one infrastructure decision at a time anymore. Modernization, AI adoption, security hardening, and cost containment are all landing on the same desk simultaneously, and rising licensing costs plus a shifting VMware ecosystem are forcing decisions enterprises did not expect to make in this cycle.

TITAN AI Demo Series: Get Real-Time Visibility Into Your Vendor Ecosystem with TITAN Watch

Real-time visibility into your vendor ecosystem changes everything about how you manage third-party risk. In this latest edition of SecurityScorecard's Demo Tuesdays, get an introduction to TITAN Watch — and see how security teams are moving from stale, periodic reviews to continuous, always-on intelligence across their entire vendor ecosystem. Watch the demo below.

How KeeperMSP Simplifies Multi-Tenant Security

For Managed Security Service Providers (MSSPs), managing cybersecurity programs across multiple client environments can be a daunting task. Context-switching between isolated client accounts, enforcing access policies at scale and ensuring that no vulnerability in one environment affects another demonstrate the ongoing challenges of multi-tenant security.