For providers

[This is a Guest Diary by L. Carty, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1].]

AI-powered integrated developer environments (IDEs) like Cursor, VS Code, and Windsurf now include agents that utilize Model Context Protocol (MCP) servers, run skills, and generate entire codebases. But as these tools gain access to file systems...

A cautionary tale illustrates why the person negotiating should never be involved with any part of the ransom payment process, experts noted.

Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are unpatched.

The critical remote code execution flaw (CVE-2026-1731) in the remote monitoring and management tool can be exploited to spread ransomware and compromise supply chains.

The prompt injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox escape and arbitrary code execution.

Build a credible OT security foundation without breaking the bank. Our "Starter Pack" framework leverages People, Process, and Technology to help mid-sized industrial operations implement smart, sequenced cybersecurity investments effectively.