%term

The AI Inversion: Tracking the Most Dangerous Cyber Attacks of 2026

Apr 8, 2026 By foresiet In Foresiet

For years, AI was the defender’s advantage. In the last 30 days, that narrative inverted — AI is now leaking data, generating malware, refusing to shut down, and erasing billions in market value. AI-enabled attacks rose 89% year-over-year. A single model leak wiped $14.5 billion from markets in one day. An AI agent compromised 600+ firewalls across 55 countries without a human operator. And another AI agent refused to shut down when commanded.

Read Post

Foresiet

Read more about The AI Inversion: Tracking the Most Dangerous Cyber Attacks of 2026

Active Directory under attack: Best practices to defend and protect your organization

Apr 3, 2026 By One Identity In One Identity

Active Directory (AD) remains the foundational identity and access management system for the vast majority of enterprises globally, making it a prime target for cybercriminals. AD is constantly under attack, and threat actors rarely have to resort to complex, zero-day exploits to breach it. Instead, they rely on a pervasive and persistent vulnerability: everyday misconfigurations.

Read Post

One Identity

Read more about Active Directory under attack: Best practices to defend and protect your organization

Breaking Down the Axios Supply Chain Attack

Apr 2, 2026 By Veracode Threat Research In Veracode

Apr 2, 2026 Mastering Software Supply Chain Management in 2026 Read More Natalie Tischler Mar 31, 2026 Why Security Debt Should Be a Board-Level Priority Read More Natalie Tischler Mar 26, 2026 Prioritize, Protect, Prove: A Roadmap for Application Security Transformation Read More Natalie Tischler.

Read Post

Veracode

Read more about Breaking Down the Axios Supply Chain Attack

Can an Attack Start Without Malware? 82% of Attacks Do

Apr 2, 2026 By CrowdStrike In CrowdStrike

What looks like a simple coding task can quickly turn into a real cyberattack. In this demo, we show how a modern malware-free attack works step by step. It starts with something that feels completely normal: a job interview and a small coding assignment. No suspicious files. No obvious malware. But once the script is executed, everything changes. You’ll see how adversaries use trusted tools like Git, Notepad, and Python to gain access, establish command and control, and move inside an environment without being detected at first.

View Video

CrowdStrike

Read more about Can an Attack Start Without Malware? 82% of Attacks Do

How does Sisense stay on top of API Attacks?

Apr 2, 2026 By Salt Security In Salt Security

Sisense powers analytics experiences inside the applications businesses rely on every day. As an API-first platform, securing those connections is critical, especially as AI agents increasingly operate through APIs to access data and trigger workflows. In this conversation, Sangram, CISO and VP of IT at Sisense, and Michael Callahan, CMO at Salt Security, discuss how Sisense approached API security strategically to protect their platform, maintain customer trust, and support innovation in the Agentic AI era.

View Video

Salt Security

Read more about How does Sisense stay on top of API Attacks?

4 steps teams can take to mitigate Iranian cyberattacks on critical infrastructure

Apr 2, 2026 By Xona In Xona

COMMENTARY: When the United States and Israel launched coordinated strikes against Iran on February 28, the security community mobilized around the visible response. I’ve watched that response for two weeks: teams tracking hacktivist DDoS campaigns, incident counts climbing, news coverage following close behind.

Read Post

Xona

Read more about 4 steps teams can take to mitigate Iranian cyberattacks on critical infrastructure

Weathering the Attacker's Perfect Storm with Agentic AI-Powered SecOps

Apr 2, 2026 By Securonix In Securonix

The cybersecurity landscape is facing its own perfect storm: AI-powered attacks coupled with resource constraints and regulator pressure, demanding a fundamental shift in SecOps to rise above. With AI showing no signs of slowing down, these issues are not fleeting. They are here to stay, and it is our responsibility to meet them head-on with efficient, AI-powered solutions that allow SecOps teams to conquer the world’s most innovative attacks.

Read Post

Securonix

Read more about Weathering the Attacker's Perfect Storm with Agentic AI-Powered SecOps

What major cyberattacks reveal about the cost of slow recovery

Apr 1, 2026 By Sharon Natasha Francis In ManageEngine

Cyberattacks often succeed not because they are sophisticated but because organizations lack reliable backups or struggle to restore data quickly. When recovery is slow, even minor disruptions can escalate, providing attackers with the time and leverage they need to deploy ransomware and halt operations. When systems go down, every minute of downtime results in operational disruption, a drop in revenue, and lost customer trust.

Read Post

ManageEngine

Read more about What major cyberattacks reveal about the cost of slow recovery

Axios npm package compromise: What happened, what matters, and how to respond

Apr 1, 2026 By Tanium In Tanium

Attackers carried out a supply chain compromise by abusing a compromised npm maintainer account to publish malicious Axios versions (axios@1.14.1 and axios@0.30.4). These releases introduced an unexpected dependency, plain-crypto-js@4.2.1, which attempted platform-specific malware execution via an npm lifecycle script during installation on Windows, macOS, and Linux.

Read Post