TAC Infosec, a global leader in cybersecurity (NSE: TAC), with presence across 100+ countries, announced a historic milestone ...

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...

That model, which assumed a reasonably defined group of people writing code, is gone. In many organizations, anyone can build ...

This post is adapted from a talk I gave at prompted, the AI security practitioner conference. Thanks to Gadi Evron for ...

Does using company portal credentials for union organizing constitute "hacking"? Explore how SkyWest v. Moussaron tests the ...

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

Most organizations start their nonhuman identity security program with a secrets manager. It's a sensible first step. But as workloads multiply across clouds and the credential sprawl grows, the ...

For every human identity your IAM program governs, there are roughly 82 machine identities operating outside it. Most of them authenticate with static credentials that were provisioned once and never ...

Alan Shimel sits down with longtime friend and cybersecurity veteran Rich Mogull to discuss his new role as chief analyst at the Cloud Security Alliance.

Charles Bennett and Gilles Brassard have won the 2026 Turing Award for inventing quantum cryptography. I am incredibly pleased to see them get this recognition. I have always thought the technology to ...

California’s privacy regime has evolved. As of January 1, 2026, the CCPA/CPRA now mandates risk assessments, automated decision-making (AI) oversight, and independent cybersecurity audits.

Depending on who you speak to, Q-day is either right around the corner or several years away. Google isn’t taking any chances and has ramped up its timeline to complete migration to PQC by 2029.