(Credit: Ralf – stock.adobe.com)

(Credit: Ralf – stock.adobe.com)

FortiBleed campaign steals 110M credentials from FortiGate targets

Laura FrenchJune 24, 2026

A tool called FortigateSniffer abuses a diagnostic utility to continuously monitor network traffic.

RESOURCES

Identity
How to Build an AI Governance Framework for Identity
Identity
How to Evaluate and Select Identity and Access Management Tools
Identity
Identity-based attacks: how they work and how to defend against them
Identity
No more blind trust: Identity controls for AI agents
Identity
Identiverse 2026: Everyone wants an AI assistant. Few are ready to govern one

PODCASTS

Leadership
The Strategic Human Firewall as AI Impacts Regulations, Cyber Pros, and Employees – Robert Siciliano – BSW #453
Vulnerability Management
Turing, BODS, Struwwelpeter, EO-14409, VBScript, Pixemsmash, Cloudflare, Aaran Leylan – SWN #592
Application security
How AI Is Reshaping Identity Security at the Infrastructure Layer – Ev Kontsevoy, Neha Duggal, Amit Masand – ASW #388
Vulnerability Management
Navigating Shadow AI in the Enterprise, Verizon’s SECOND 2026 report, and the news – Ankita Gupta – ESW #464
Ransomware
LLMS, Identity, EDR, JiGong, QiLin, Warlock, with Rob Allen from Threatlocker… – Rob Allen – SWN #591

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Vulnerability Management

FFmpeg vulnerability ‘PixelSmash’ could enable RCE via video file

Laura FrenchJune 23, 2026

An attacker can use a crafted file to trigger a heap buffer overflow and overwrite a function pointer.

Malware campaign uses VirusTotal manipulation, legitimate news sites to gain reputation

Laura FrenchJune 18, 2026

The clipboard hijacker campaign also uses “ghost networks” on social media to boost engagement.

Digital fingerprint scan composed of glowing blue circuit board pathways representing biometric security and identity verification in modern technological systems

Identity is the foundation of trust. That makes it everyone’s problem.

Heather FlanaganJune 18, 2026

Identiverse 2026 highlighted identity’s expanding role in AI, trust and governance.

(Adobe Stock)

Network Security

F5 releases out-of-band patches for two critical NGINX bugs

Steve ZurierJune 18, 2026

F5 issued urgent patches for two critical NGINX flaws that could enable DoS or code execution.

(Credit: monticellllo – stock.adobe.com)

Vulnerability Management

Max severity Joomla Content Editor extension flaw targeted in automated attacks

Laura FrenchJune 17, 2026

The flaw was added to CISA’s Known Exploited Vulnerabilities catalog with a three-day deadline.

Attackers drop DragonForce ransomware leveraging MS Teams relay systems

Steve ZurierJune 17, 2026

DragonForce ransomware abused Microsoft Teams relay infrastructure to hide C2 traffic.

(Credit: Claudio Bórquez – stock.adobe.com)

Critical Infrastructure Security

AUR suspends new registrations as 1,500-plus malicious packages flood repository

Laura FrenchJune 17, 2026

Malicious build scripts deploy a Rust-based infostealer and eBPF rootkit.

The Invisible Majority: Why Board Risk Reporting Misses Machine Identity Exposure

SC Editorial Intelligence , expert reviewedJune 16, 2026

Events