Automating Patch and Compliance Updates Safely with Test and Deploy for Automation
Rolling out patches and configuration fixes across hundreds or thousands of systems is a constant balancing act. IT and security…
Security
Debunking API Security Myths
I recently sat down with Tejpal Garwhal, Application Security and DevSecOps Leader, for a conversation debunking some of the most…
Cheating on Quantum Computing Benchmarks
Peter Gutmann and Stephan Neuhaus have a new paper—I think it’s new, even though it has a March 2025 date—that…
Top CWPP Vendors in 2025: The Ultimate Guide
Here’s a fun fact. Cloud Workload Protection Platforms (CWPPs) are no longer optional but essential. As cloud-native architectures grow more…
Auto-Color Backdoor Weaponizes SAP Flaw for Stealthy Access
A critical zero-day vulnerability in SAP NetWeaver, CVE-2025-31324, is being exploited to deliver “Auto-Color,” a stealthy Linux backdoor. The vulnerability…
The hidden risks of browser extensions – and how to stay safe
Not all browser add-ons are handy helpers – some may contain far more than you have bargained for
Measuring the Attack/Defense Balance
“Who’s winning on the internet, the attackers or the defenders?” I’m asked this all the time, and I can only…
Why your computer will thank you for choosing Webroot Essentials
Let’s be honest – nobody wants antivirus software that slows down their computer. You know the feeling: you install security…
Aeroflot Hacked
Looks serious.
Microsoft Uncovers Sploitlight: How a Spotlight Plugin Flaw Evades macOS TCC Protections
Microsoft Threat Intelligence recently disclosed a serious macOS vulnerability dubbed Sploitlight. It tracked as CVE-2025-31199 that leverages Spotlight importer plugins…