Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

Continuous Offensive Security: The Line We've Been Walking

May 27, 2026 By Nuno Loureiro In Snyk
AI Pentesting is having a moment. Well, several moments, actually. Every other week, another vendor announces something, or another LLM-driven pentesting tool tops some benchmark on a target nobody's heard of, another deck claims a new "gold standard" being disrupted, at long last... It's been busy.
Read Post
cycognito

Emerging Threat: (CVE-2026-48172) LiteSpeed cPanel Plugin Privilege Escalation to Root

May 27, 2026 By Igal Zeifman In CyCognito
CVE-2026-48172 is an incorrect privilege assignment flaw in the LiteSpeed User-End cPanel Plugin that allows any authenticated cPanel user to execute arbitrary scripts as root. The bug sits in the plugin's lsws.redisAble function, which can be invoked through the standard cPanel JSON API to run code with elevated privileges instead of the calling user's own. The vulnerability carries a CVSS v4.0 base score of 10.0 (Critical).
Read Post
knowbe4

Free Gift Fallacy: How Attackers Harvest Credit Cards via Fake Surveys

May 27, 2026 By KnowBe4 Threat Lab In KnowBe4
The classic 'survey reward' scam is back and hitting harder than ever. KnowBe4 Threat Labs is tracking a massive, high-volume campaign that is not only impersonating a wide array of trusted global brands across retail, logistics, and healthcare, but is using hundreds of newly registered domains (NRDs) and sophisticated psychological priming to fly past traditional security defenses.
Read Post

Securing Success: Protecting IP While Powering Productivity

May 27, 2026 By Netskope In Netskope
To ensure a company can continue to operate and make a profit, its intellectual property must be kept safe. It’s not uncommon, however, for employees to unintentionally put IP in harm’s way – and it’s the job of security to prevent accidental disclosure or loss with the right support. Renasas’ focus on preventing accidental data leaks and protecting IP aligns with Netskope's core data loss prevention (DLP) and security capabilities.
View Video
upguard

Practical MCP Security: A Playbook for Mid-Market Teams

May 27, 2026 By Shane Moosa In UpGuard
Most guidance published on AI agent security is written for enterprise organizations. It assumes dedicated AI security functions, red teams, platform engineering groups, and the budget to commission purpose-built tooling. If your security team is three people covering five hundred employees and a cloud environment that grows faster than you can document it, that guidance was not written for you. The five posts in this series have established the threat landscape.
Read Post

Tanium AI Enrichment and Analysis: Tanium Tech Talks #162

May 27, 2026 By Tanium In Tanium
Tired of decoding commands, searching unfamiliar processes, and guessing alert context? See how Tanium AI Enrichment& Analysis breaks down alert activity, explains risk, and guides response - without leaving your workflow. Join us as we explore how Tanium Threat Response uses AI to: Provide detailed context and security implications Decode complex or encoded command lines Summarize alerts with key findings and context Recommend next steps to accelerate investigation and response.
View Video
seemplicity

Exposure vs Vulnerability Management: Is There Actually a Difference?

May 27, 2026 By Megan Horner In Seemplicity
In this exclusive fireside chat, Seemplicity CPO Ravid Circus and SANS instructor Jonathan Risto break down this critical distinction and why mastering it is vital as AI rapidly reshapes the cybersecurity threat landscape. Here’s a summary of what they covered. If you’ve been in security for any length of time, you’ve probably wondered whether exposure management is just vulnerability management with a fresh coat of paint.
Read Post
nightfall

Why MCP Breaks the Financial Services Security Stack

May 27, 2026 By Chris Martinez In Nightfall
A relationship manager asks the firm's AI assistant to "summarize my top wealth clients by AUM and flag anyone with a pending transfer over $500K." The agent calls a CRM MCP server, then a core banking MCP server, then a market data MCP server, and returns a clean answer in twelve seconds. Names, balances, account numbers, pending wire details, all rendered in plain text inside the chat window. No file moved. No email left the network. No DLP channel triggered.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.