TL;DR: On April 7, 2026, CISA joint advisory AA26-097A confirmed active exploitation of CVE-2021-22681 in Rockwell Automation Logix controllers by the Iranian IRGC-linked group CyberAv3ngers, with operational disruption and financial loss reported ...
RSAC 2026 just wrapped up in San Francisco (March 23–26), and the energy was exactly what you'd expect. Tens of thousands of security professionals packed into the Moscone Center, the hallways buzzing with demos, handshakes, and the kind of ...
Two real 2024 incidents expose the AI agent security gap most enterprises haven't closed: autonomous agents operating without enforced boundaries, inside and outside approved frameworks.
The most dangerous security breaches today don’t start with zero-days or nation-state sophistication. They start with something far more mundane: a leaked API key, a forgotten service account, a long-lived token that nobody remembered existed.
On the morning of February 19, 2026, the University of Mississippi Medical Center - Mississippi's only academic medical center - woke up to a healthcare ransomware attack that took down its Epic electronic health records system, its phone lines, and ...
Three new adversary groups began targeting industrial control systems in 2025. That’s the headline finding from Dragos’ 9th Annual Year in Review OT/ICS Cybersecurity Report - and the details behind it should concern anyone responsible for securing ...
In late January 2026, SmarterTools confirmed that the Warlock (also known as Storm-2603) ransomware group breached its network by exploiting an unpatched SmarterMail server. According to the company's Chief Commercial Officer, the incident began on ...
For decades, the DMZ (demilitarized zone) has been treated as a reliable buffer between the internet and “trusted” internal systems. Expose a limited set of services, wrap them in firewalls, monitor traffic, and assume anything that makes it past ...
