Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

cycognito

Emerging Threat: (CVE-2026-45185) Exim Remote Code Execution via BDAT over GnuTLS

May 13, 2026 By Igal Zeifman In CyCognito
CVE-2026-45185, nicknamed Dead.Letter, is a use-after-free vulnerability in the BDAT message body parsing path of Exim, the open-source Mail Transfer Agent that runs a large share of the internet's email servers. The flaw lives in the GnuTLS-backed TLS path, where Exim can free its internal transfer buffer during a TLS shutdown while the SMTP state machine still holds a reference to it.
Read Post
indusface

DDoS Protection for Education: How Schools, Universities, and EdTech Stay Resilient

May 13, 2026 By Vinugayathri Chinnasamy In Indusface
Globally, schools and universities now face over 4,300 cyberattacks per week on average, marking a 40% year-over-year increase and making the education sector a prime target for disruptive DDoS attacks. Most educational institutions operate with lean IT teams responsible for infrastructure, user support, and security. This resource constraint makes it difficult to withstand prolonged or application-layer DDoS attacks that can quickly disrupt learning platforms and administrative systems.
Read Post
indusface

DDoS Protection for SMBs: Always-On Defense Without the Overhead

May 13, 2026 By Vinugayathri Chinnasamy In Indusface
SMBs absorbed approximately 894 million attacks in 2025, a 71% year-over-year increase — and DDoS drove 85% of that volume, nearly three times the enterprise rate. API DDoS on SMB platforms surged 1,122% in a single year, according to the Indusface State of Application Security 2026 report. With most SMB security operations run by teams of fewer than five people managing both infrastructure and security simultaneously, cybercriminals increasingly view smaller businesses as soft targets.
Read Post

Spotlight on our Founder & CEO, Mr. Anirban Mukherji's interview byte at ETCISO IDAM Summit 2026!

May 13, 2026 By miniOrange In miniOrange
Our Founder & CEO Mr. Anirban Mukherji recently spoke at the ETCISO IDAM Summit 2026 in Mumbai, addressing the challenge of selecting the best vendors among many. He highlighted the importance of robust identity and access management solutions for both human and agent identities. Watch this complete video to know more!
View Video

Scan and Secure Data with DLP Scanner and Cloud Migration Assistant for Confluence | miniOrange

May 13, 2026 By miniOrange In miniOrange
Need to detect, encrypt, and redact sensitive data in your Confluence instance before migrating to the cloud? In this video, we walk you through the Data Security Analysis and Attachment Scanning features of the miniOrange DLP Data Scanner and Migration Assistant for Confluence. Learn how to configure custom regex rules, scan your Confluence pages for sensitive data violations like exposed IP addresses, encrypt or redact sensitive content, scan attachments across spaces, and review your Migration Readiness Score.
View Video

Session on How much of Mythos based attacks can you prevent using modern IDAM techniques?

May 13, 2026 By miniOrange In miniOrange
In this session at ETCISO IDAM Summit 2026, our Founder & CEO Mr. Anirban Mukherji discussed Identity Access Management (IAM), data protection challenges, and AI governance for modern organizations. He covers SSO, MFA, legacy system hurdles, DBT data flows, Shadow AI risks, and practical steps like patch automation, least privilege access, and AI agent controls. Drawing from the Abhimanyu Chakravyuh metaphor, he explains how strong IAM contains breaches. Learn about vendor sovereignty, geopolitical risks, and miniOrange's expertise in IAM, AI security, and privacy.
View Video

Ep. 58 - Double Dragon: How China's APT 41 Works for the State by Day - and Itself by Night

May 13, 2026 By SafeBreach In SafeBreach
China's cyber shadow has already reached your software. APT 41 — known as Double Dragon — isn't just stealing state secrets. They've pioneered a new generation of supply chain attacks, trojanizing the shared code libraries that thousands of organizations trust without question. And their latest splinter unit, UAT 7290, has been inside North American developer environments for over a year — not triggering anything, just watching, learning, and waiting to strike in a way that looks completely native.
View Video
miniorange

Atlassian Team '26: The Conversations That Told Us Where Enterprise Identity Is Headed

May 13, 2026 By Pallavi Narang In miniOrange
We just got back from Atlassian Team '26 in Anaheim. Three days, thousands of attendees, and Atlassian's biggest push yet toward human-AI collaboration. The Founder Keynote set the tone, Rovo agents got smarter, and the Teamwork Collection took center stage. It was a packed, high-energy week. But the most interesting part of our three days wasn't on stage. It was at Booth.
Read Post
CrowdStrike

Falcon AIDR Detects Threats at the Prompt Layer in Kubernetes AI Applications

May 13, 2026 By Karishma Asthana In CrowdStrike
AI is introducing a new class of threats that don’t look like traditional attacks and can’t be detected with conventional tools. The AI applications that organizations deploy in the cloud interact with large language models (LLMs) through prompts and responses. This prompt layer has emerged as a new attack surface, where risks like prompt injection and sensitive data leakage can go unnoticed.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.