Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security operations demands precision and efficiency. Administrators manage complex environments, maintain data flow, uphold compliance, and keep the platform running at scale. Analysts work to quickly understand which alerts require action. Both roles depend on tools that reduce friction and help them move faster. The April 2026 LogRhythm SIEM release introduces updates that make daily security operations work more efficient.

In 2025, we embarked on a new journey to secure the most important technology transformation of this decade – generative AI. Our vision is to help companies secure their AI fast, so that they can innovate on the cutting edge and put AI and agentic use cases into production. To do this, we built Evo, the world’s first agentic orchestrator for AI security. The foundation of any product is customer needs.

Have you submitted your YDWWT workflow yet? Submissions close April 14th. We’ll be giving away an exclusive Workflow Workshop LEGO set to one lucky entrant. NOTE: everyone who enters YDWWT is eligible to win this prize, winner will be selected at random. Enter now.

Attackers carried out a supply chain compromise by abusing a compromised npm maintainer account to publish malicious Axios versions (axios@1.14.1 and axios@0.30.4). These releases introduced an unexpected dependency, plain-crypto-js@4.2.1, which attempted platform-specific malware execution via an npm lifecycle script during installation on Windows, macOS, and Linux.

TLDR; As compliance requirements tighten globally, Australia has taken a decisive step with the introduction of Prudential Standard CPS 234 Information Security, setting a clear baseline for how financial institutions must protect themselves and the people who trust them. Australia’s financial services sector remains one of the most targeted in the world, with high-profile breaches exposing millions of records.

Global Open banking API call volumes are set to cross the 720 billion mark by 2029, and attackers know it. With the global open banking market surging past $38 billion in 2025 itself and projected to exceed $115 billion by 2030, the financial data flowing through these APIs is highly lucrative for threat actors. With over 7.5 million calls made to just AI APIs, they have now graduated from a technical challenge to a business imperative.

We release some good stuff this week with the CertKit agent version 1.8 from our roadmap, along with some small usability fixes in the CertKit web application.

Fresh off two weeks of back-to-back meetings in Washington, DC, and on the floor/in the wings of the RSA Conference, one theme echoed through nearly every conversation I had with senior government officials and public policy leaders from global technology companies: agentic AI security is the defining emerging security challenge of this moment — and policy is not keeping pace.

Exactly 8 years ago today, we launched the 1.1.1.1 public DNS resolver, with the intention to build the world’s fastest resolver — and the most private one. We knew that trust is everything for a service that handles the "phonebook of the Internet." That’s why, at launch, we made a unique commitment to publicly confirm that we are doing what we said we would do with personal data.

Your AI-BOM shows every model, tool, and data source you deployed. But when your SOC investigates an alert about unusual agent behavior, that inventory tells them nothing about what actually happened at runtime. Static AI-BOMs document what you intended to run. Attackers exploit what your AI workloads actually do in production: which APIs they call, what data they touch, and how they use approved tools in unapproved ways.