A new cybersecurity playbook highlights that while AI is fantastic at detecting threats, it’s dangerously unpredictable for taking action. The key is using AI to inform decisions, not to execute them, keeping critical enforcement deterministic and auditable.
HPE is urging immediate action on a critical vulnerability in its OneView infrastructure management platform. Rated a perfect 10.0 on the CVSS scale, it allows unauthenticated attackers to run code on a deeply trusted system. This isn’t just another bug; it’s a skeleton key for your network.
In a major move for enterprise security, Palo Alto Networks is deepening its partnership with Google Cloud. The multibillion-dollar deal centers on using Google’s Gemini AI models to power its security copilots.
A U.K. healthcare tech company used by the NHS has been hit by a cyberattack. Hackers claim to have stolen 300 gigabytes of data, though the full impact on patient records is still unknown.
The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its 2025 list of the most dangerous software weaknesses. This annual ranking, created with MITRE, is designed to help organizations prioritize security fixes and build safer technology from the start.
Security operations centers are drowning in alerts, forcing analysts to make life-or-death decisions for the business with fragments of data. A new argument says they need to adopt the triage and context models of emergency medicine to survive. Can a “security graph” finally provide the clarity they
Iran’s oldest state-backed hacking group, “Prince of Persia,” has been active in secret for years despite reports of its dormancy. Researchers found it’s been spying on targets globally using upgraded, hyper-stealthy malware. Its command-and-control methods are so advanced, experts say they’ve never
Credit reporting company 700Credit has suffered a major data breach, exposing the sensitive information of 5.6 million people. The breach, discovered on October 25, involved data collected from car dealerships between May and October of 2025.
The Chinese cyber-espionage group Ink Dragon has breached dozens of government and telecom networks across Europe, Asia, and Africa. They’re using compromised Microsoft servers to create hidden communication relays, making their attacks harder to trace.
Google is pulling the plug on its dark web monitoring service. The company says the tool, which scanned for stolen personal info, wasn’t useful enough and will be fully shut down by February 2026.
