Compliance | Breaking Cybersecurity News | The Hacker News

Introduction: Steal It Today, Break It in a Decade Digital evolution is unstoppable, and though the pace may vary, things tend to fall into place sooner rather than later. That, of course, applies to adversaries as well. The rise of ransomware and cyber extortion generated funding for a complex and highly professional criminal ecosystem. The era of the cloud brought general availability of almost infinite amounts of storage. So there is literally nothing that stops criminals from stealing and trafficking heaps of data, be it encrypted or not.  Patient adversaries are employing a "Harvest Now, Decrypt Later" (HNDL) strategy. They are quietly accumulating encrypted data with the intention of decrypting it later using quantum computers. Any data requiring long-term security, such as trade secrets or classified designs, is vulnerable because its lifespan will inevitably outlive its current encryption. Therefore, it is crucial that organizations begin planning their PQC migrati...

Why automating sensitive data transfers is now a mission-critical priority More than half of national security organizations still rely on manual processes to transfer sensitive data, according to The CYBER360: Defending the Digital Battlespace report. This should alarm every defense and government leader because manual handling of sensitive data is not just inefficient, it is a systemic vulnerability.  Recent breaches in defense supply chains show how manual processes create exploitable gaps that adversaries can weaponize. This is not just a technical issue. It is a strategic challenge for every organization operating in contested domains, where speed and certainty define mission success. In an era defined by accelerating cyber threats and geopolitical tension, every second counts. Delays, errors, and gaps in control can cascade into consequences that compromise mission readiness, decision-making, and operational integrity. This is exactly what manual processes introduce: unc...

Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what failed a control check.” That approach breaks the moment your environment stops being mostly-human and mostly-onboarded. In modern enterprises, identity risk is created by a compound of factors: control posture, hygiene, business context, and intent. Any one of these can perhaps be manageable on its own. The real danger is the toxic combination, when multiple weaknesses align and attackers get a clean chain from entry to impact. A useful prioritization framework treats identity risk as contextual exposure, not configuration completeness. 1. Controls Posture: Compliance and Security As Risk Signals, Not Checkboxes Controls posture answers a simple question: If something goes wrong, will we prevent it, detect it, and prove it? In classic IAM programs, controls are assessed as “configured / not configured.” But prioritization needs more nuance: a missing control is a risk ...

With $5.5 trillion in global AI risk exposure and 700,000 U.S. workers needing reskilling, four new AI certifications and Certified CISO v4 help close the gap between AI adoption and workforce readiness . EC-Council , creator of the world-renowned Certified Ethical Hacker (CEH) credential and a global leader in applied cybersecurity education, today launched its Enterprise AI Credential Suite, with four new role-based AI certifications debuting alongside Certified CISO v4 , an overhauled executive cyber leadership program. The dual launch is the largest single expansion of EC-Council’s portfolio in its 25-year history. It addresses a structural gap that no single tool, platform, or policy can solve alone: AI is scaling faster than the workforce trained to run, secure, and govern it. The launch aligns with U.S. priorities on workforce development and applied AI education outlined in Executive Order 14179, the July 2025 AI Action Plan’s workforce development pillar, and Executive Or...

A new 2026 market intelligence study of 128 enterprise security decision-makers ( available here ) reveals a stark divide forming between organizations – one that has nothing to do with budget size or industry and everything to do with a single framework decision. Organizations implementing Continuous Threat Exposure Management (CTEM) demonstrate 50% better attack surface visibility, 23-point higher solution adoption, and superior threat awareness across every measured dimension. The 16% who've implemented it are pulling away. The 84% who haven't are falling behind. The Demographics of the Divide The research surveyed a senior cohort: 85% of respondents are Manager-level or above, representing organizations where 66% employ 5,000+ people across finance, healthcare, and retail sectors. Download the full research here → What is CTEM? If you aren’t familiar, CTEM involves shifting from "patch everything reactively" to "continuously discover, validate, and pr...

Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely on legacy controls that operate far away from where AI interactions actually occur. The result is a widening governance gap where AI usage grows exponentially, but visibility and control do not.  With AI becoming central to productivity, enterprises face a new challenge: enabling the business to innovate while maintaining governance, compliance, and security.  A new Buyer’s Guide for AI Usage Control argues that enterprises have fundamentally misunderstood where AI risk lives. Discovering AI Usage and Eliminating ‘Shadow’ AI will also be discussed in an upcoming virtual lunch and learn .  The surprising truth is that AI security isn’t a data problem or an app problem. It’s an interaction pro...

An innovative approach to discovering, analyzing, and governing identity usage beyond traditional IAM controls. The Challenge: Identity Lives Outside the Identity Stack Identity and access management tools were built to govern users and directories. Modern enterprises run on applications. Over time, identity logic has moved into application code, APIs, service accounts, and custom authentication layers. Credentials are embedded. Authorization is enforced locally. Usage patterns change without review. These identity paths often operate outside the visibility of IAM, PAM, and IGA. For security and identity teams, this creates a blind spot - what we call Identity Dark Matter. This dark matter is responsible for the identity risk that cannot be directly observed. Why Traditional Approaches Fall Short Most identity tools rely on configuration data and policy models. That works for managed users.

The Problem: The Identities Left Behind As organizations grow and evolve, employees, contractors, services, and systems come and go - but their accounts often remain. These abandoned or “orphan” accounts sit dormant across applications, platforms, assets, and cloud consoles. The reason they persist isn’t negligence - it’s fragmentation.  Traditional IAM and IGA systems are designed primarily for human users and depend on manual onboarding and integration for each application - connectors, schema mapping, entitlement catalogs, and role modeling. Many applications never make it that far. Meanwhile, non-human identities (NHIs): service accounts, bots, APIs, and agent-AI processes are natively ungoverned, operating outside standard IAM frameworks and often without ownership, visibility, or lifecycle controls. The result? A shadow layer of untracked identities forming part of the broader identity dark matter - accounts invisible to governance but still active in infrastructure. Wh...

Just a few years ago, the cloud was touted as the “magic pill” for any cyber threat or performance issue. Many were lured by the “always-on” dream, trading granular control for the convenience of managed services. In recent years, many of us have learned (often the hard way) that public cloud service providers are not immune to attacks and SaaS downtime, hiding behind the Shared Responsibility cushion. To stay operational, competitive, and resilient in today’s threat landscape, teams must move beyond the dependency on SaaS providers and understand what cyber resilience really means. The Myth of DevOps SaaS Resilience In 2024 alone, popular DevOps SaaS platforms—like GitHub, Jira, or Azure DevOps— experienced 502 incidents in total, which resulted in degraded performance and outages totaling over 4,755 hours . The conclusion is clear: Entrusting “the big players” with your source code, development metadata, and workflow projects doesn’t make your business immune to downtime and subs...

Chainguard, the trusted source for open source, has a unique view into how modern organizations actually consume open source software and where they run into risk and operational burdens. Across a growing customer base and an extensive catalog of over 1800 container image projects, 148,000 versions, 290,000 images, and 100,000 language libraries, and almost half a billion builds, they can see what teams pull, deploy, and maintain day-to-day, along with the vulnerabilities and remediation realities that come hand in hand.  That’s why they created The State of Trusted Open Source , a quarterly pulse on the open source software supply chain. As they analyzed anonymized product usage and CVE data, the Chainguard team noticed common themes around what open source engineering teams are actually building with and the risks associated.  Here’s what they found:  AI is reshaping the baseline stack: Python led the way as the most popular open source image among Chainguard’s glo...

The Invisible Half of the Identity Universe Identity used to live in one place - an LDAP directory, an HR system, a single IAM portal. Not anymore. Today, identity is fragmented across SaaS, on-prem, IaaS, PaaS, home-grown, and shadow applications. Each of these environments carries its own accounts, permissions, and authentication flows. Traditional IAM and IGA tools govern only the nearly managed half of this universe - the users and apps that have been fully onboarded, integrated, and mapped. Everything else remains invisible: the unverified, non-human, unprotected mass of identities we call identity dark matter. Every new or modernized app demands onboarding - connectors, schema mapping, entitlement catalogs, and role modeling - work that consumes time, money, and expertise. Many applications never make it that far. The result is fragmentation: unmanaged identities and permissions operating outside corporate governance. And beyond the human layer lies an even larger challenge...

In December 2024, the popular Ultralytics AI library was compromised, installing malicious code that hijacked system resources for cryptocurrency mining. In August 2025 , malicious Nx packages leaked 2,349 GitHub, cloud, and AI credentials. Throughout 2024, ChatGPT vulnerabilities allowed unauthorized extraction of user data from AI memory. The result: 23.77 million secrets were leaked through AI systems in 2024 alone, a 25% increase from the previous year. Here's what these incidents have in common: The compromised organizations had comprehensive security programs. They passed audits. They met compliance requirements. Their security frameworks simply weren't built for AI threats. Traditional security frameworks have served organizations well for decades. But AI systems operate fundamentally differently from the applications these frameworks were designed to protect. And the attacks against them don't fit into existing control categories. Security teams followed the f...

Passwd is designed specifically for organizations operating within Google Workspace. Rather than competing as a general consumer password manager, its purpose is narrow, and business-focused: secure credential storage, controlled sharing, and seamless Workspace integration. The platform emphasizes practicality over feature overload, aiming to provide a reliable system for teams that already rely on Google’s tools.  Security as the starting point Encryption and data protection are the basic building blocks of Passwd. Every credential, file, or sensitive asset gets encrypted with AES-256, an extremely secure encryption standard that is widely recognized. Encryption happens before storage, keeping data protected throughout its lifecycle.  Passwd is based on a zero-knowledge architecture; only the users, not Passwd, are able to access decrypted data. It does not have any visibility of the stored passwords or secrets. The structure reflects an enterprise mindset: Centralize...

AI-assisted coding and AI app generation platforms have created an unprecedented surge in software development. Companies are now facing rapid growth in both the number of applications and the pace of change within those applications. Security and privacy teams are under significant pressure as the surface area they must cover is expanding quickly while their staffing levels remain largely unchanged. Existing data security and privacy solutions are too reactive for this new era. Many begin with data already collected in production, which is often too late. These solutions frequently miss hidden data flows to third party and AI integrations, and for the data sinks they do cover, they help detect risks but do not prevent them. The question is whether many of these issues can instead be prevented early. The answer is yes. Prevention is possible by embedding detection and governance controls directly into development. HoundDog.ai provides a privacy code scanner built for exactly this p...

The browser has become the main interface to GenAI for most enterprises: from web-based LLMs and copilots, to GenAI‑powered extensions and agentic browsers like ChatGPT Atlas . Employees are leveraging the power of GenAI to draft emails, summarize documents, work on code, and analyze data, often by copying/pasting sensitive information directly into prompts or uploading files.  Traditional security controls were not designed to understand this new prompt‑driven interaction pattern, leaving a critical blind spot where risk is highest. Security teams are simultaneously under pressure to enable more GenAI platforms because they clearly boost productivity.  Simply blocking AI is unrealistic. The more sustainable approach is to secure GenAI platforms where they are accessed by users: inside the browser session. The GenAI browser threat model The GenAI‑in‑the‑browser threat model must be approached differently from traditional web browsing due to several key factors.  Us...

As enterprises refine their strategies for handling Non-Human Identities (NHIs), Robotic Process Automation (RPA) has become a powerful tool for streamlining operations and enhancing security. However, since RPA bots have varying levels of access to sensitive information, enterprises must be prepared to mitigate a variety of challenges. In large organizations, bots are starting to outnumber human employees, and without proper identity lifecycle management, these bots increase security risks. RPA impacts Identity and Access Management (IAM) by managing bot identities, enforcing least-privilege access and ensuring auditability across all accounts. Continue reading to learn more about RPA, its challenges with IAM and best practices organizations should follow to secure RPA within IAM. What is Robotic Process Automation (RPA)? Robotic Process Automation (RPA) uses bots to automate repetitive tasks that are traditionally performed by human users. In the context of IAM, RPA plays an ess...

Most MSPs and MSSPs know how to deliver effective security. The challenge is helping prospects understand why it matters in business terms. Too often, sales conversations stall because prospects are overwhelmed, skeptical, or tired of fear-based messaging. That’s why we created ”Getting to Yes”: An Anti-Sales Guide for MSPs . This guide helps service providers transform resistance into trust and turn sales conversations into long-term partnerships. In the guide, you’ll learn how to shift from persuasion to partnership, uncover what really drives objections, and lead with credibility as a trusted cyber advisor. Why Traditional Cybersecurity Sales Strategies Don’t Work Today’s buyers aren’t saying “no” to your services because they don’t care about security. They’re saying “no” because they don’t understand what they’re hearing. Most SMBs already know cybersecurity is important. In fact, 57% call it a top priority. However, they’re lost in complexity, jargon, and vendor noise. Wh...

As 2025 draws to a close, security professionals face a sobering realization: the traditional playbook for web security has become dangerously obsolete. AI-powered attacks, evolving injection techniques, and supply chain compromises affecting hundreds of thousands of websites forced a fundamental rethink of defensive strategies. Here are the five threats that reshaped web security this year, and why the lessons learned will define digital protection for years to come. 1. Vibe Coding Natural language coding, " vibe coding " , transformed from novelty to production reality in 2025, with nearly 25% of Y Combinator startups using AI to build core codebases. One developer launched a multiplayer flight simulator in under three hours, eventually scaling it to 89,000 players and generating thousands in monthly revenue. The Result Code that functions perfectly yet contains exploitable flaws, bypassing traditional security tools. AI generates what you ask for, not what you forget...

India's telecommunications ministry has ordered major mobile device manufacturers to preload a government-backed cybersecurity app named Sanchar Saathi on all new phones within 90 days. According to a report from Reuters, the app cannot be deleted or disabled from users' devices. Sanchar Saathi , available on the web and via mobile apps for Android and iOS, allows users to report suspected fraud, spam, and malicious web links through call, SMS, or WhatsApp; block stolen handsets; and allow a mobile subscriber to check the number of mobile connections taken in their name. One of its important features is the ability to report incoming international calls that start with the country code for India (i.e., +91) to facilitate fraud. "Such international calls are received by illegal telecom setups over the internet from foreign countries and sent to Indian citizens disguised as domestic calls," the government notes on the website. "Reporting about such calls help...

As IT environments become increasingly distributed and organizations adopt hybrid and remote work at scale, traditional perimeter-based security models and on-premises Privileged Access Management (PAM) solutions no longer suffice. IT administrators, contractors and third-party vendors now require secure access to critical systems from any location and on any device, without compromising compliance or increasing security risks. To keep up with modern demands, many organizations are turning to Remote Privileged Access Management (RPAM) for a cloud-based approach to securing privileged access that extends protection beyond on-prem environments to wherever privileged users connect. Continue reading to learn more about RPAM, how it differs from traditional PAM and why RPAM adoption is growing across all industries. What is RPAM? Remote Privileged Access Management (RPAM) allows organizations to securely monitor and manage privileged access for remote and third-party users. Unlike trad...