CISA stories
Failed test days could delay work and income, as Aceable's new study tool targets the weak spots that most licensing candidates miss.
Federal contractors face rising scrutiny as speakers warned CMMC and AI are becoming central to procurement, resilience and national security.
Horizon3.ai opens Iranian cyber threat intel to all NodeZero users as Western organisations brace for state-backed digital retaliation.
Terra Security unveils Terra Portal, a desktop hub fusing AI agents with human pentesters to speed vulnerability fixes from months to hours.
The wider rollout targets critical infrastructure and software maintainers after early users found more than 10,000 serious flaws.
Banks and investment firms face mounting exposure as ransomware incidents jump and more than half of vendors carry high-severity flaws.
Security teams may need to react faster as AI-boosted attackers can exploit flaws within hours, leaving patching cycles behind.
Only a small fraction of disclosed flaws are likely to hit suppliers, leaving security teams to focus on the 58 highest-risk CVEs.
Exposed systems are becoming the main target, as Rapid7 says flaws were used in 38% of incidents and patch windows shrank to five days.
Patch teams are falling behind as exploited flaws pile up, with 47 million instances still open after a year, Qualys data shows.
The free cloud service gives Veeam users and service providers a single view of scattered backup clusters as ransomware risk grows.
Rising breaches and weak credential habits are forcing businesses to adopt passkeys, multi-factor authentication and tighter access controls.
Many firms cannot pause AI systems quickly or explain failures to regulators, according to ISACA's European survey of 681 professionals.
Regulated agencies can now use Elastic’s security tools inside disconnected Google cloud environments as threats grow more automated.
Pressure is growing on AI vendors and software suppliers to improve vulnerability disclosure as experts warn basic CVE details are no longer enough.
The Tel Aviv startup says enterprises need runtime controls as AI agents take on more privileged tasks across core business systems.
Attackers are now exploiting flaws before patches exist, leaving 85% of vulnerable assets unpatched at disclosure across 10,000 organisations.
Rapid7 warns exploited high and critical software flaws more than doubled in 2025, as attackers compress disclosure-to-attack windows.
FIRST to host three cybersecurity conferences in 2026 as it predicts annual CVE disclosures will surpass 50,000 for the first time.
Microsoft's March Patch Tuesday fixes 77 flaws, including a severe SQL Server bug that could grant attackers sysadmin rights remotely.
