US Capitol Building with 3 Flags Flying

(Adobe Stock)

House committee chair calls on Instructure to testify in Canvas hack

Steve ZurierMay 13, 2026

ShinyHunters hit Canvas twice, exposing student data via XSS and identity compromise.

RESOURCES

Managed Security Services
The CISO shortage: Finding leadership without a leader
Exposure management
Fighting fire with fire: Defending against Mythos-powered cyberattacks
SOC
The human factor: Why AI-powered SOCs still need people in charge
Email security
Beyond the inbox: Why your domain and social media are the next front lines
AI/ML
Securing every door: Scalable strategies to manage machine and AI agent risks

PODCASTS

Leadership
Optimize Legal Operations as the CISO Role Changes to Address Skills Gaps and AI – Walter Scott Wilkens – BSW #447
Vulnerability Management
Tomato, JDownloader, TempPCP, Bad Vibes, Dirty Frag, Giedi Prime, Aaran Leyland… – SWN #580
Application security
Why Basic Security Practices Still Work – Rob Allen – ASW #382
IAM Technologies
IAM for MSSPs: The Hidden Risk of Blind Trust – Dustin Sachs – CSP #224
AI/ML
The impact of Mythos and Florida Man, confidence gaps, phishing, & AI adoption – Erich Kron, Deepen Desai, Chris Wallis – ESW #458

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

(Credit: theartofpics – stock.adobe.com)

Vulnerability Management

Patch Tuesday: No zero days among 137 Microsoft CVEs, 4 Word RCEs

Laura FrenchMay 12, 2026

The May 2026 Microsoft security update included no zero days for the first time since June 2024.

(Adobe Stock)

‘Mini’ Shai-Hulud attack compromises hundreds of npm, PyPI packages

Steve ZurierMay 12, 2026

Teams warn the latest Shai-Hulud wave weaponizes trusted OIDC tokens to bypass package integrity checks.

Google reports first known AI-assisted zero-day exploit in the wild

Laura FrenchMay 12, 2026

Attackers used AI to create an exploit script for a 2FA bypass flaw in an open-source project.

(Credit: Robert – stock.adobe.com)

SailPoint GitHub repo hit by third-party cyberattack

Steve ZurierMay 11, 2026

SailPoint says GitHub repo breach exposed no customer data or production systems.

Vibe coding has cybersecurity asking what AI can — and can’t — replace

Laura FrenchMay 11, 2026

Cyber pros balance hype, skepticism and uncertainty as AI coding disrupts industry norms.

Vulnerability Management

Federal agencies ordered to patch Ivanti EPMM zero-day in 3 days

Laura FrenchMay 8, 2026

The actively exploited flaw enables remote admin users to execute arbitrary code.

Vulnerability Management

‘Dirty Frag’ Linux zero-day exposes most distributions to LPE

Steve ZurierMay 8, 2026

Dirty Frag Linux zero-day exposes most distributions to root privilege escalation.

Vulnerability Management

Palo Alto Networks says patch for exploited PAN-OS firewall bug forthcoming

Steve ZurierMay 7, 2026

Palo Alto confirms that its PAN-OS firewalls were actively exploited by a zero-day for more than a month.

EVENTS