Cyber Due Diligence
New Security Tools Target Growing macOS Threats
A public dataset and platform-agnostic analysis tool aim to help organizations in the fight against Apple-targeted malware, which resea...
Hardened Containers Look to Eliminate Common Source of Vulnerabilities
A kitchen-sink approach to building containers has loaded many with vulnerabilities. A handful of companies are trying to slim them dow...
150,000 Packages Flood NPM Registry in Token Farming Campaign
A self-replicating attack led to a tidal wave of malicious packages in the NPM registry, targeting tokens for the tea.xyz protocol.
Learning Sales Skills Can Make Security Professionals More Effective
Amazon Web Services VP Sara Duffer highlights the top lessons she brought back to her security role after taking part in Amazon's shado...
Identity Governance and Administration, App Proliferation, and the App Integration Chasm
Most enterprises use more than 1,000 apps, according to ESG research, yet about half are integrated with IGA. Industry innovations enab...
How CISOs Can Best Work with CEOs and the Board: Lessons from the Field
To build an effective relationship with the CEO and the Board, CISOs must translate technical risks into business terms and position cy...
Orgs Move to SSO, Passkeys to Solve Bad Password Habits
In 2025, employees are still using weak passwords. Instead of forcing an impossible change, security leaders are working around the pro...
Coyote, Maverick Banking Trojans Run Rampant in Brazil
South America's largest country is notorious for banking malware attacks; Maverick self-terminates if its targeted user is based outsid...
Kenya Kicks Off ‘Code Nation’ With a Nod to Cybersecurity
The African country aims to train 1 million workers in tech skills in the short term, with a focus on software engineering, cybersecuri...
‘CitrixBleed 2’ Wreaks Havoc as Zero-Day Bug
The same APT hammered critical bugs in Citrix NetScaler (CVE-2025-5777) and the Cisco Identity Service Engine (CVE-2025-20337) in a sig...