%term

Detect runtime threats in Python Lambda functions with Datadog AAP

Apr 14, 2026 By Florentin Labelle In Datadog

Python AWS Lambda functions are ephemeral and highly distributed, which creates security visibility gaps that traditional perimeter defenses and proxy-based controls struggle to fill. Techniques such as credential stuffing, SQL injection, and server-side request forgery (SSRF) can look like legitimate application traffic, making them difficult to identify without visibility inside the application itself.

Read Post

Datadog

Read more about Detect runtime threats in Python Lambda functions with Datadog AAP

How do you defend when the time between patch and exploit collapses?

Apr 9, 2026 By Ashish Malpani In Corelight

Anthropic's Claude Mythos has demonstrated that AI can be leveraged to identify vulnerabilities and develop exploits faster than ever. Here is what that means for how you defend.

Read Post

Corelight

Read more about How do you defend when the time between patch and exploit collapses?

The vulnerability flood is here. Here's what it means - and how to prepare

Apr 9, 2026 By Ross McKerchar In Sophos

We can't control the pace of AI-driven vulnerability discovery, but we can control how fast we respond. Last week, Thomas Ptacek published a piece arguing that vulnerability research is cooked. His thesis: AI agents are about to drown us in a steady stream of validated, exploitable, high-severity vulnerabilities, faster than anyone can patch them. But from where I sit, the more urgent question isn't whether the flood is coming, but whether the infrastructure we depend on can absorb it.

Read Post

Sophos

Read more about The vulnerability flood is here. Here's what it means - and how to prepare

We let OpenClaw loose on an internal network. Here's what it found

Apr 9, 2026 By Ross McKerchar In Sophos

Following our article on the challenges posed by agentic AI, we gave OpenClaw access to one of our legacy networks In my previous article on OpenClaw I wrote: “Even the most ‘risk-on’ organizations with deep AI and security experience, will likely find it challenging to configure OpenClaw in a way that effectively mitigates the risk of compromise or data loss, while still retaining any productivity value.” The Red Team here at Sophos took that as ‘challenge accepted’, s

Read Post

Sophos

Read more about We let OpenClaw loose on an internal network. Here's what it found

Adobe Reader zero-day vulnerability in active exploitation

Apr 9, 2026 By Sophos Counter Threat Unit Research Team In Sophos

On April 7, 2026, a security researcher described an Adobe Reader zero-day vulnerability that has been exploited since at least December 2025. The vulnerability allows threat actors to execute privileged Acrobat APIs via specially crafted malicious PDF files that execute obfuscated JavaScript when opened. Exploitation allows attackers to steal sensitive user and system data and to potentially launch additional attacks and remotely execute code.

Read Post

Sophos

Read more about Adobe Reader zero-day vulnerability in active exploitation

Episode 12 - The Agentic SOC: Upleveling Analysts with AI Knowledge Multipliers

Apr 9, 2026 By Corelight In Corelight

Richard Bejtlich sits down with Stan Kiefer, Corelight’s Senior Manager for Data Science, to discuss how AI serves as a vital "abstraction layer" and "knowledge multiplier" for security analysts. Stan explains that while AI can synthesize complex information, it remains untrustworthy without high-fidelity network data at its center to provide verifiable evidence. The episode explores the shift toward an "agentic ecosystem" and a tiered architecture where a central orchestrator manages specialized sub-agents to accelerate detection and investigation.

View Video

Corelight

Read more about Episode 12 - The Agentic SOC: Upleveling Analysts with AI Knowledge Multipliers

Is compliance complexity outpacing IT capacity?

Apr 8, 2026 By Sophos In Sophos

No matter the country, industry, or company size, IT and cybersecurity teams report a heavy regulatory load and worry about staying aligned with requirements Organizations today operate under a substantial number of IT and cybersecurity compliance obligations.

Read Post

Sophos

Read more about Is compliance complexity outpacing IT capacity?

Acronis Launches MDR by Acronis TRU to Provide 24/7 Threat Detection and Response for MSPs

Apr 7, 2026 By Acronis In Acronis

Delivered by Acronis TRU, the service enables MSPs to provide threat detection, rapid response, and cyber resilience.

Read Post

Acronis

Read more about Acronis Launches MDR by Acronis TRU to Provide 24/7 Threat Detection and Response for MSPs

Modernizing threat detection with advanced ML: Corelight Sensor v.29 release highlights

Apr 7, 2026 By Tim Chiu In Corelight

Staying ahead of sophisticated attackers requires a security platform that evolves at the speed of the threat landscape. Today’s attackers are AI-enabled, increasing the number of attacks and targeting vulnerabilities more quickly than ever. That's why we are excited to announce the Corelight Sensor v.29 release, a significant step forward in our mission to provide critical detections backed by the world's best network evidence.

Read Post

Corelight

Read more about Modernizing threat detection with advanced ML: Corelight Sensor v.29 release highlights

Microsoft + Sophos: The MSP Profitability Advantage

Apr 6, 2026 By Sophos In Sophos

Sophos enhances the Microsoft environments your customers already trust — helping you deliver stronger outcomes, clearer value, and a more defensible service offering. If you’re ready to build a more profitable and scalable Microsoft security practice, let’s talk.

View Video