You can now nominate vulnerabilities for CISA’s KEV with this form

Laura FrenchMay 22, 2026

CISA seeks to engage the wider community to more quickly identify active exploitation.

RESOURCES

Application security
APIs under pressure: How AI is rewriting the rules of enterprise security
SASE
Next-generation enterprise defense: Managing risk in the age of agentic AI
Managed Security Services
The CISO shortage: Finding leadership without a leader
Exposure management
Fighting fire with fire: Defending against Mythos-powered cyberattacks
SOC
The human factor: Why AI-powered SOCs still need people in charge

PODCASTS

Application security
AppSec Conversations on Agents, LLMs, and OWASP from RSAC – Scott Clinton, Janet Worthington, Merritt Maxim – ASW #384
AI/ML
Visibility with EDR/MDR is still important, ‘the basics’ are impossible, and the news – Rob Allen – ESW #460
Vulnerability Management
TVs, Old York, Flipper One, Ubiquity, Underminr, CISOs, GitHub, Josh Marpet… – SWN #583
Critical Infrastructure Security
FCC, Github, MiniShai-hulud, Stated of Supply Chain, Itron, CRA, NIS2, and more!! – PSW #927
Leadership
Shift to Prevention and Enforcement as We Repeat Security Mistakes With AI – Rob Allen – BSW #448

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Vulnerability Management

Cisco patches critical 10.0 flaw in Secure Workload APIs

Steve ZurierMay 22, 2026

Cisco patches critical 10.0 API flaw in Secure Workload platform.

Network Security

‘Underminr’ exploitation poses similar risks to domain fronting, researchers say

Laura FrenchMay 22, 2026

ADAMnetworks estimates about 42% of domains could be abused using the technique.

The Cybersecurity and Infrastructure Security Agency (CISA) emblem is seen at its headquarters in Arlington, Va.

Critical Infrastructure Security

Senator urges classified briefing after CISA data leak on GitHub

Steve ZurierMay 21, 2026

A GitHub leak exposed CISA credentials, sparking concerns over secrets management and leadership.

WantToCry ransomware evades detection through SMB abuse, remote encryption

Laura FrenchMay 20, 2026

More than 1.5 million exposed SMB ports may be susceptible to brute force attacks.

(Credit: Araki Illustrations – stock.adobe.com)

New Mini Shai-Hulud attack targets npm ecosystem

Steve ZurierMay 20, 2026

Mini Shai-Hulud campaign hits 323 npm packages, GitHub Actions and VS Code tools.

Threat Management

Verizon DBIR 2026: Vulnerability exploits top initial access as patching coverage falls

Laura FrenchMay 20, 2026

The report also highlighted ransomware trends and the evolving role of AI in breaches.

Vulnerability Management

Universal Robots patches critical 9.8 flaw in ‘cobots’ OS

Steve ZurierMay 19, 2026

Critical flaw in Universal Robots cobots could let attackers hijack production systems remotely.

Iran suspected in breaching automatic tank gauges at US gas stations

Laura FrenchMay 19, 2026

The automatic tank gauge systems were reportedly exposed online without passwords.

EVENTS