Expert perspectives on application security, compliance, and emerging threats
IncidentWhat Happened In August 2023, HashiCorp transitioned Vault from the Mozilla Public License to the Business Source License (B.S.L.). This change didn t cause a data breach, but it revealed a critical i
IncidentWhat Happened Your security operations team integrated an LLM-based assistant to speed up alert triage and vulnerability analysis. This tool accessed your organization s vulnerability management syste
IncidentOngoing Vulnerability Issues Years after the Log4Shell vulnerability became public, many Log4j downloads still map to vulnerable versions. This isn t about a single breach; it s a systemic failure in
IncidentWhat Happened In Q3 2025, threat researchers identified attacks where adversaries exploited legitimate API access paths to extract unauthorized data. The attackers didn t use a new vulnerability or by
Get weekly security insights and compliance updates delivered to your inbox.
IncidentWhat Happened Aqua Security documented a targeted attack campaign that compromised at least sixty Kubernetes clusters through misconfigured role-based access control (RBAC) policies. Attackers gained
IncidentWhat Happened Check Point researchers disclosed two vulnerabilities in Anthropic s Claude Code, an AI-powered coding assistant that integrates directly into development workflows. CVE-2025-59536 (CVSS
