(Adobe Stock)

(Adobe Stock)

Critical 9.8 Weaver E-cology vulnerability actively exploited

Steve ZurierMay 5, 2026

Critical Weaver E-cology bug exploited for RCE, exposing core enterprise workflows and secrets.

RESOURCES

AI/ML
Securing every door: Scalable strategies to manage machine and AI agent risks
AI/ML
Handling shadow AI at the source: Why the browser is the new control layer
Application security
Ring the alarm! Your IT security program has a mobile-app gap
SOC
From OODA to SUDA: Why the Agentic SOC has to be customizable
Identity
Privilege risk is in the lifecycle: A CISO discussion on modernizing identity control

PODCASTS

Leadership
Teach to Sell and Two Interviews from RSAC 2026 from Dropzone AI and Microsoft – Dan Rochon, Edward Wu, Arunesh Chandra – BSW #446
Vulnerability Management
Zino, 0auth, VSS, Mental Health Hackers, 3 Days of KEV, Copy/Fail, AI, Aaran Leyland – SWN #578
Application security
Keeping Up With the OWASP GenAI Project – Scott Clinton – ASW #381
Encryption
Post Quantum Migration Struggles, AI Threats, and Modern Defenses – Bobby Ford, HD Moore, Eyal Benishti, Ramin Farassat, Daniel dos Santos – ESW #457
Vulnerability Management
DOS, Seneca the Younger, Outlook, CopyFail, cPanel, QR, Ruby, Go, Talkie, Josh Marpet – SWN #577

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Vulnerability Management

CISA reportedly considers 3-day patch deadline for KEV flaws

Laura FrenchMay 5, 2026

Officials are considering how AI tools like Claude Mythos could shorten exploit timelines, Reuters reports.

Vulnerability Management

Copy Fail bug added to CISA’s list of known exploited vulnerabilities

Steve ZurierMay 4, 2026

CISA flags “Copy Fail” Linux bug as exploited, urging immediate patching across systems.

Cisco releases open-source ‘DNA test for AI models’

Laura FrenchMay 1, 2026

The Model Provenance Kit allows organizations to trace model origin and similarity.

(SonicWall)

Security Operations

SonicWall releases firmware updates for three CVEs

Steve ZurierMay 1, 2026

SonicWall patches 3 flaws; experts warn ransomware actors may quickly exploit unpatched firewalls.

Threat Management

Microsoft: QR code, CAPTCHA-gated phishing more than double in Q1 2026

Laura FrenchMay 1, 2026

The company detected about 8.3 billion email-based phishing threats between January and March.

Linux source code with a binary background. 3D rendered Illustration.

Application security

‘Copy Fail’ bug can obtain root privileges in Linux distributions since 2017

Steve ZurierApril 30, 2026

AI-found Linux flaw enables easy root access, heightening risk across cloud and shared systems.

Vulnerability Management

CISA adds ConnectWise, Microsoft flaws to KEV catalog

Laura FrenchApril 30, 2026

The Windows flaw stems from an incomplete patch of a vulnerability exploited by APT28.

Unlocking Potential Exploring the Power of Large Language Models

LiteLLM exploited within 36 hours of disclosure via SQL injection bug

Steve ZurierApril 29, 2026

Latest case was the second time in five weeks the Python package was exploited.

EVENTS