Topic: cloud security
-
AI Can't Keep Up: Security Jobs Are Booming
Board-level engagement with security teams has increased, integrating them into strategic business discussions on resilience and risk, but this comes with heightened pressure to demonstrate value through clear metrics. Security professionals face operational strain from manual, repetitive tasks, ...
Read More » -
Upwind Secures $250M at $1.5B Valuation for Cloud Security Platform
Upwind Security has achieved a $1.5 billion valuation after securing $250 million in Series B funding, driven by significant revenue growth and a client base that includes major companies like Siemens and Peloton. The company's core innovation is an "inside-out" runtime security model, which uses...
Read More » -
Tenable One: Unified AI, Cloud & SaaS Security Governance
Tenable has launched AI Exposure capabilities within its Tenable One platform, integrating AI security into a unified framework to manage and protect AI usage across an organization's entire digital landscape. The platform addresses the "AI Exposure Gap" by providing continuous discovery and a ri...
Read More » -
Top Cybersecurity Jobs Hiring Now: January 27, 2026
The global cybersecurity field offers diverse, high-demand career paths ranging from strategic leadership roles like Chief Information Security Officer (CISO) to hands-on technical positions in areas such as penetration testing and incident response. Key responsibilities across these roles includ...
Read More » -
Upwind Raises $250M to Secure AI Workloads in the Cloud
Upwind secured a $250 million Series B investment, bringing its total funding to $430 million to accelerate its runtime-first cloud security platform for AI-driven workloads. The company is experiencing explosive growth, with 900% year-over-year revenue increase and a platform that significantly ...
Read More » -
Qualcomm Invests in SpotDraft, Doubling Valuation to $400M for On-Device AI
SpotDraft, a legal tech startup, has secured an $8 million strategic investment from Qualcomm Ventures, doubling its valuation to approximately $380 million since last year. The company addresses enterprise AI adoption barriers in legal services with its VerifAI platform, which performs contract ...
Read More » -
Bridge the Gap: Align Cybersecurity Purchases with Your SOC Team's Needs
Security teams often struggle with tools and workflows that are misaligned with actual threats, leading to inefficiencies like alert fatigue, as purchasing decisions frequently prioritize executive strategy over operational needs. A webinar will address this disconnect by exploring how tool choic...
Read More » -
Rubrik Launches Security Cloud Sovereign for Data Compliance
Rubrik has launched a new solution, Security Cloud Sovereign, to help global organizations meet strict data compliance and security challenges, particularly around data residency and access control. The platform gives customers definitive control over where their data is stored and who can access...
Read More » -
FortiSIEM PoC Released, Rakuten Viber CISO on Messaging Risks
A critical FortiSIEM vulnerability (CVE-2025-64155) now has a public exploit, heightening the urgency for immediate patching, while other vendors like Cisco also addressed actively exploited flaws. Security teams are exploring unconventional intelligence sources, such as torrent metadata, and fac...
Read More » -
Ransomware Never Dies, It Multiplies
Ransomware attacks reached a record high in 2025, with over 6,100 total extortion incidents, as criminal groups rapidly adapted despite law enforcement takedowns of major operations. The threat landscape saw a significant reshuffle among prominent ransomware gangs, with groups like Akira and Qili...
Read More » -
Concentric AI Launches Private Scan Manager for AWS GovCloud
Concentric AI has expanded its platform to support **AWS GovCloud (US)**, enabling U.S. government agencies and contractors to deploy its AI-driven data security within isolated cloud environments to meet stringent federal compliance standards. The new Private Scan Manager allows these organizati...
Read More » -
Top Cybersecurity Jobs Hiring Now: January 2026
The global cybersecurity job market is experiencing high demand for specialized roles, with key positions including Chief Information Security Officers (CISOs), Cyber Defence Specialists, and various types of Security Engineers and Analysts across countries like Australia, France, and the UAE. Sp...
Read More » -
Patch Tuesday Forecast & Critical Trend Micro RCE PoC Released
A critical unauthenticated remote code execution flaw (CVE-2025-69258) in Trend Micro Apex Central requires immediate patching, and CISA warns of active exploitation of a similar HPE OneView vulnerability. The cybersecurity threat landscape is expanding to include novel risks from internal low-co...
Read More » -
Upwind Choppy AI: Simplify Cloud Security Exploration
Upwind has integrated its new Choppy AI into its CNAPP platform, allowing security teams to use natural language to explore and analyze cloud environments while emphasizing transparency and user control. The AI tool translates plain-language questions into visible, editable logic for tasks like i...
Read More » -
Top 6 Cyber Threats to Watch in 2026
The cybersecurity landscape is defined by a dangerous synergy between AI and human ingenuity, creating adaptive, automated threats that require a proactive, intelligence-driven security posture beyond traditional defenses. Key emerging threats include autonomous agentic AI exploits, weaponized de...
Read More » -
MFA Bypass Leads to Major Infostealer Attack on 50 Firms
A major data breach affecting around 50 global companies was enabled by the lack of multi-factor authentication (MFA), allowing an attacker to use stolen credentials for cloud file-sharing platforms. The attacker, using credentials harvested by infostealer malware, accessed accounts where passwor...
Read More » -
Gen AI Data Breaches Surge Over 100%
The enterprise security landscape is being reshaped by generative AI and cloud adoption, forcing a re-evaluation of controls to monitor data flows across unsanctioned personal applications and AI tools. Phishing remains a top threat for credential theft, increasingly targeting cloud logins, while...
Read More » -
Agentic AI: A CISO's Identity Crisis and Accountability
Agentic AI introduces a new, complex identity class that shatters traditional security assumptions, combining autonomous, decentralized operation with human-like intent and machine-scale persistence. These AI agents create severe security risks by multiplying existing identity vulnerabilities, su...
Read More » -
Hybrid Computing: The Future After AI Disrupts Cloud-First
The unique demands of AI workloads, such as cost predictability and low latency, are driving a strategic shift from cloud-first to hybrid computing models that combine cloud, on-premises, and edge infrastructure. Key drivers for this shift include unpredictable and high cloud costs, the need for ...
Read More » -
CISA Mandates Federal Patch for Actively Exploited MongoBleed Flaw
A critical vulnerability in MongoDB, tracked as CVE-2025-14847 and dubbed MongoBleed, is being actively exploited to remotely steal sensitive data like credentials and logs from unpatched servers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has mandated federal agencies to pa...
Read More » -
CISOs in Survival Mode: Navigating Risk Under Pressure
CISOs face an overwhelming threat environment where most believe a successful breach is inevitable, leading to a focus on rapid response amid frequent, high-impact attacks and low confidence in employee threat detection. Generative AI is a top priority as both a major security risk and a tool for...
Read More » -
How Automation Is Reshaping Security Strategy
Hybrid infrastructure is now the standard for business continuity and risk management, providing resilience by blending cloud, on-premises, and isolated environments to ensure operations and meet compliance demands. Integrating operational technology (OT) and IT security is critical for protectin...
Read More » -
WatchGuard Firewalls Hacked, Fake PoCs Target Security Pros
Critical vulnerabilities in widely used firewalls like WatchGuard are being actively exploited, requiring immediate patching to prevent network breaches. Threat actors are deploying sophisticated social engineering, such as malware disguised as exploit code, and leveraging darknet AI assistants t...
Read More » -
Cloud Security Is Lagging Behind
The rapid adoption of cloud technologies has created a significant security gap, with development velocity outpacing protective controls and leaving systems vulnerable to sophisticated, fast-moving attacks. Complex multicloud environments and accelerated software deployment, including AI-generate...
Read More » -
Cisco Zero-Day Exploited, Kali Linux 2025.4 Released
A critical zero-day vulnerability in Cisco's email security appliances is being actively exploited by a suspected Chinese-nexus group to compromise devices and erase logs, highlighting urgent patch management needs. Major vendors like Fortinet, SonicWall, and Apple are addressing serious, activel...
Read More » -
AppGate Secures AI Workloads with Zero Trust Agentic AI Core
AppGate has introduced Agentic AI Core Protection to extend zero-trust security principles directly to AI workloads, enabling secure innovation across on-premises and cloud environments. Traditional security models are inadequate for AI agents, as their exposed interfaces create new attack vector...
Read More » -
$3.2M Awarded for 11 Zero-Day Cloud Vulnerabilities
The inaugural Zeroday Cloud cybersecurity competition awarded over $300,000 for the discovery of 11 zero-day vulnerabilities in major cloud platforms, highlighting persistent security challenges in complex cloud environments. A critical container escape flaw in the Linux kernel was uncovered, pos...
Read More » -
Ro's CISO: Securing Telehealth Data Flows
The rapid growth of telehealth creates a complex data flow across cloud and third-party platforms, demanding a dynamic, continuous security strategy that goes beyond static compliance to protect patient privacy. A core vulnerability is the frequent lack of universal data classification, making it...
Read More » -
Astra's Offensive-Grade Scanner Cuts Noise, Proves Risk
Traditional quarterly cloud security scans are insufficient for rapidly changing environments, leading to undetected critical misconfigurations that are a primary cause of breaches. A new scanner addresses this by using an offensive-grade validation engine to actively test and confirm exploitable...
Read More » -
ImmuniWeb Boosts AI-Powered Security Testing & Compliance
ImmuniWeb's Q4 update focuses on identifying AI-specific vulnerabilities, including the OWASP Top 10 for LLMs, and expands capabilities for detecting exposed AI infrastructure and shadow IT assets. The platform enhances compliance testing for regulations like EU DORA, introduces new reporting fea...
Read More » -
Top Cybersecurity Products Launched This Week: December 2025
New cybersecurity tools launched this week focus on automating compliance, securing AI development, and managing third-party software risks to address evolving threats. Several companies introduced AI-specific security solutions, including platforms to protect AI-powered development stacks, gover...
Read More » -
AI Cyberattacks Are Rising: Is Your Network Ready?
Adversarial AI tools are enabling faster, more sophisticated, and evasive cyberattacks that can bypass traditional defenses and overwhelm manual security processes. This threat evolution necessitates a zero-trust security framework and makes comprehensive network visibility through Network Detect...
Read More » -
Gartner's Dire Warning: Why It Says Block AI Browsers
Gartner advises businesses to immediately ban AI-powered browsers due to unresolved security vulnerabilities that prioritize convenience over robust enterprise safeguards. These autonomous browsers risk data breaches by potentially interacting with malicious sites or submitting sensitive informat...
Read More » -
Top Cybersecurity Jobs Hiring Now: December 2025
The cybersecurity field offers diverse, in-demand career paths globally, with organizations actively seeking talent for roles ranging from threat intelligence to cloud security architecture. Specific high-demand roles include threat intelligence analysts, security managers, architects, and engine...
Read More » -
Top Infosec Products Launched This Week: December 2025
BlackFog launched ADX Vision to prevent data loss from unauthorized AI use by detecting shadow AI activity and blocking unauthorized data transfers in real time on endpoints. Datadog introduced Bits AI SRE, an AI agent that streamlines incident management by quickly identifying root causes to ena...
Read More » -
Smart Grids Face Rising Cyber Threats as They Modernize
The shift to decentralized smart grids dramatically expands the cybersecurity attack surface, as millions of distributed devices like EV chargers and solar inverters each become a potential entry point, demanding security built into every layer. Key vulnerabilities include compromised device firm...
Read More » -
Skills Shortages: The Top Cyber Threat Over Hiring
A severe global cybersecurity skills gap, particularly in technical expertise like AI and cloud security, is now a more dangerous threat than general staffing shortages, directly causing significant security incidents for most organizations. The primary obstacles to addressing this gap are a lack...
Read More » -
FTC Orders Illuminate to Delete Student Data in Landmark Settlement
The FTC has proposed a settlement requiring Illuminate Education to delete vast amounts of student data and overhaul its security, following a 2021 breach that compromised millions of students' sensitive information. The breach occurred due to inadequate security, including using a former employe...
Read More » -
Critical Server Vulnerability Sparks Urgent Admin Response
A critical, maximum-severity vulnerability in the widely used React Server package allows attackers to easily execute arbitrary code via a single HTTP request, with public exploit code now available. The flaw's danger is amplified because React is integrated by default into many popular framework...
Read More » -
Smart Cybersecurity on a Tight Budget
Effective cybersecurity on a limited budget requires a strategic shift to maximize existing resources, focusing on specific risks and embedding security into workflows without hindering innovation, especially in open research environments. Success involves enabling safe collaboration through "gua...
Read More » -
Upwind Integrates Real-Time AI Security into CNAPP Platform
Upwind has integrated a real-time AI security suite into its CNAPP, moving beyond siloed AI security to provide unified, runtime-first protection for AI workloads within the broader cloud ecosystem. The platform addresses modern AI security challenges by offering key functionalities like posture ...
Read More » -
Top Cybersecurity Jobs Hiring Now | December 2025
The global demand for skilled cybersecurity professionals is exceptionally high across all sectors and experience levels, creating diverse career opportunities. The field encompasses a wide variety of specialized roles, including positions like Application Security Manager, Cloud Security Archite...
Read More » -
Cyber Giants Boost AI Security in M&A Surge
The cybersecurity industry saw significant consolidation in November 2025, driven by a strategic pivot toward AI-driven security automation and integrated platforms to combat sophisticated threats. Major acquisitions included Palo Alto Networks buying Chronosphere for $3.35 billion to enhance obs...
Read More » -
Top Cybersecurity Open-Source Tools: November 2025
Open-source cybersecurity tools are increasingly popular for providing robust, budget-friendly defense capabilities, including vulnerability scanning and threat hunting. Specific tools like Heisenberg, VulnRisk, and sqlmap offer targeted solutions for software supply chain health checks, context-...
Read More » -
Top Cybersecurity Jobs Hiring Now | November 2025
The cybersecurity job market offers diverse, high-impact roles globally, from leadership to technical positions, aimed at protecting organizations' digital assets. Key roles include strategic leadership like CISOs defining security roadmaps and technical engineers managing security platforms and ...
Read More » -
Trend Vision One: Proactive AI Security for Your Environment
Trend Vision One's AI Security Package, launching in December, provides centralized exposure management and protection across the entire AI application lifecycle, from development to runtime operations. The solution addresses the limitations of conventional security tools by offering specialized ...
Read More » -
Secure Your Cloud with cnspec: Open-Source Policy & Security
cnspec is an open-source tool that provides unified security and compliance scanning across diverse technologies, identifying vulnerabilities and misconfigurations to prioritize fixes. It supports a wide range of targets including cloud platforms, Kubernetes, containers, SaaS applications, infras...
Read More » -
Tycoon 2FA Phishing Platform Exposes Legacy MFA Flaws
The Tycoon 2FA phishing kit enables attackers to easily bypass multi-factor authentication by using automated tools and fake login portals, primarily targeting Microsoft 365 and Gmail credentials. It intercepts user credentials and session cookies in real-time while mimicking legitimate login exp...
Read More » -
Hiring Now: Top Cybersecurity Jobs in November 2025
The global demand for skilled cybersecurity professionals is rising, with November 2025 offering diverse roles across specializations like application security, cloud infrastructure, and governance to address evolving digital threats. Positions span various countries and work arrangements, includ...
Read More » -
Metrics Don't Lie, But They Can Mislead Without Business Context
Aligning IT with business outcomes requires shared metrics and joint forums where technology and business priorities are reviewed together to ensure accountability for both IT performance and commercial results. As companies shift to managing cloud and multi-vendor environments, essential skills ...
Read More »