(Credit: Aleksei – stock.adobe.com)

(Credit: Aleksei – stock.adobe.com)

Microsoft denies legal action against researchers after slamming BlueHammer publisher

Laura FrenchJune 2, 2026

The company was criticized after a blog posted that suggested law enforcement involvement.

RESOURCES

Identity
How to Build an AI Governance Framework for Identity
Identity
How to Evaluate and Select Identity and Access Management Tools
Identity
Identity-based attacks: how they work and how to defend against them
Identity
Laying the groundwork: A practical path to identity security for AI agents
Identity
A new identity class: Why AI agents require runtime control

PODCASTS

Application security
BadHost, Dead CTFs, Exploding NPMs, and the Verizon DBIR – ASW #385
Vulnerability Management
Helping defense’s use of AI catch up with offense, cost of the vulnpocalypse, news – Evan Powell – ESW #461
Vulnerability Management
Sidhe, GreyVibe, Claude, Lightwell, Eclipse, Kimsuky, Obscure Beliefs, Josh Marpet – SWN #585
Vulnerability Management
Linux Supply Chain How-To – PSW #928
Leadership
What Security Leaders Should Expect from RSAC – Joseph Blankenship – BSW #449

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Polygonal vector illustration of the virtual private network, shield with vpn and world map, concept of protecting user data around the world.

Vulnerability Management

PAN-OS authentication bypass bug added to list of exploited vulnerabilities

Steve ZurierJune 1, 2026

While NIST upgraded the bug to 9.1, experts say teams must focus more on how attackers can exploit this flaw to gain VPN access.

AI security’s cost bottleneck isn’t tokens – it’s validation

Laura FrenchJune 1, 2026

Experts say attempting to replace deterministic tools and human analysts with AI could cost companies more.

Ukraine hacked state security. Cyberattack on the financial and banking structure. Theft of secret information. On a background of a flag the binary code.

AI helps Russian-speaking GreyVibe run five parallel attack chains on Ukrainian targets

Steve ZurierMay 29, 2026

Researchers say Russian-speaking group GreyVibe uses AI tools to scale cyberattacks on Ukraine.

(Credit: daily_creativity – stock.adobe.com)

‘Claude Code install’ search result leads to ClickFix infostealer attack

Laura FrenchMay 29, 2026

The attack leverages a polyglot file, heavy obfuscation and fileless execution to evade detection.

Futuristic Digital Padlock and Cyber Security Concept with Binary Data Streams

IBM, Red Hat launch Project Lightwell to secure open-source software

Steve ZurierMay 28, 2026

IBM and Red Hat launch $5 billion effort to secure open-source software supply chains.

Cisco study finds major frontier models susceptible to multi-turn prompt injection attacks

Laura FrenchMay 28, 2026

Single-turn attack success rates are not a reliable benchmark for model safety, Cisco concludes.

AI agent data tools and workflow automation concept with businessman typing on laptop and interacting with digital process interface for artificial intelligence development, integration, productivity

Application security

OWASP launches FinBot to help developers secure AI agents

OWASP GenAI Security Project Team May 28, 2026

OWASP’s FinBot gives developers hands-on training to secure AI agents.

Secure By Design Pledge

Vulnerability Management

CISA adds LiteSpeed cPanel plugin bug to exploited vulnerabilities list

Steve ZurierMay 27, 2026

CISA warns of exploited LiteSpeed flaw putting shared hosting at risk.

EVENTS