Critical Langflow RCE vulnerability exploited within 20 hours

Laura FrenchMarch 20, 2026

CVE-2026-33017 could enable an unauthenticated attacker to execute arbitrary Python code on the server.

RESOURCES

Identity
Thwarting AI-powered attacks: How identity management can help
Application security
Hard to handle: Securing AI-generated code and the AI agents that write it
Identity
The industrialization of identity compromise: How attackers are scaling faster than defenders
Identity
The ‘most important product’: Okta introduces new platform to manage AI agents
SOC
SOC unification in the age of AI: Five strategic takeaways for security leaders

PODCASTS

Vulnerability Management
Ahab and Peewee Herman, Zoom, Vibe Hacking, SharePoint, Meta, AgeID, Josh Marpet – SWN #565
AI/ML
Hacking IP KVMs & Reversing with Radare2 – Sergi Àlvarez – PSW #918
Leadership
Language of the Board as CISO-Board Time Falls Short and CISOs Struggle with Risk – Ben Wilcox – BSW #439
Vulnerability Management
AI Spicy Mode, Steam, Glassworm, Samsung, Stryker, Waymo, Cole Porter, and More – SWN #564
Application security
Creating Better Security Guidance and Code with LLMs – Mark Curphey – ASW #374

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Internet of Things (IoT)

Network Security

US, Canada and Germany take down four large DDoS botnets

Steve ZurierMarch 20, 2026

Experts warn that the botnet operators will likely regroup and come back stronger, armed with AI.

(Credit: Kateryna – stock.adobe.com)

Threat Management

Fake interactive Zoom call leads to malicious ScreenConnect download

Laura FrenchMarch 20, 2026

JavaScript is used to imitate a glitchy Zoom call, prompting the user to install an “update.”

Critical Infrastructure Security

Lack of CISA leadership amid DHS shutdown raises risks, cyber pros say

Steve ZurierMarch 19, 2026

CISA operates short-staffed without a director, raising concerns over cyber risk.

Beast Ransomware’s toolkit revealed by exposed directory

Laura FrenchMarch 19, 2026

Researchers tracked the group’s tooling from reconnaissance to encryption.

Close-up of Apple MacOS Dock with Finder icon selected and mouse cursor hovering

Application security

Apple rolls out ‘Background Security Improvements’ for WebKit browser engine bug

Steve ZurierMarch 18, 2026

Apple shifts to more continuous security patches versus waiting for the next big OS release.

AI coding assistants twice as likely to leak secrets, as overall leaks rise 34%

Laura FrenchMarch 18, 2026

A total of 28.65 million hardcoded secrets were found in public GitHub commits in 2025.

stethoscope on technology background

Threat Management

Stryker cyberattack contained, but experts warn repair costs could soar

Steve ZurierMarch 17, 2026

Security pros call “containment” victory claim hollow as recovery could cost multi-millions.

Threat Management

Phishing emails target AI defenses with unique obfuscation

Laura FrenchMarch 17, 2026

Benign content hidden at the bottom of an email is designed to “outweigh” malicious content.

EVENTS