Security Bulletin

Facing surging attacks and an unpredictable AI future, Cisco, Microsoft, Trellix, and RSAC leadership call for a fundamental rethinking of cybersecurity defenses.

VSI, VeriSource's parent company, said the investigation and notification process took over a year.

Safe-seeming cloud services like Google Drive and Trello have everything attackers need to remotely control infected hosts, and most defenders have no idea.

Silverfort's Hed Kovetz discusses the identity security playbook in a machine-driven world.

CVE-2025-31324 is a maximum severity bug that attackers exploited weeks before SAP released a patch for it.

Jason Mical, Field CTO with Devo, discusses with Enterprise Security Weekly host Adrian Sanabria about his firm's as a security analytics platform.

Idan Plotnik, co-founder and CEO of Apiiro, discusses his company's application security platform's role in the AI era with Paul's Security Weekly co-host Jeff Man during RSAC 2025.

At RSAC 2025, experts say Secure by Design is delivering real wins — yet unchecked development speed and supply chain risks still threaten progress.

CyberArk researchers studied how specific neurons and layers of LLM architecture respond to prompts.

Details are scarce, so security experts say jumping to conclusions on who executed the alleged cyberattack is premature.