Cloudflare’s threat research unit finds that volume, not deception, is the most reliable way to defeat an AI-powered security auditor.

From dismantling criminal networks across 18 nations to training nearly a million people in cybersecurity, Fortinet's 2025 Sustainability Report makes the case that protecting critical digital infrastructure is a public obligation — not just a product category.

Cybersecurity firm ESET recovered thousands of attacker messages and draft emails after the previously undocumented GopherWhisper group used legitimate workplace tools as command-and-control infrastructure, then failed to clear its tracks.

An audit report ages the moment it is issued. A certificate begins decaying before it leaves the printer. In a market where AI agents act in milliseconds and insurers price detection time to the second, the periodic mechanisms that once produced trust have stopped working. The companies winning in the next decade are the ones rebuilding their security stacks to continuously demonstrate trust to audiences that never stop watching.

Critical Microsoft vulnerabilities doubled in 2025 while enterprise AI agents surged 467%, and the disclosure systems businesses rely on are losing the ability to see what matters most

The rise of AI agents is introducing new challenges to traditional identity and access management, especially in identity registration, governance, and credential authentication. As autonomous agents access enterprise systems on behalf of humans, nobody can agree on who — or what — is responsible when something goes wrong. A reported feature on accountability in the age of machine identity.

Anthropic's Claude Mythos Preview can autonomously find and exploit software vulnerabilities at a depth no human team can match. The industry response has ranged from alarm to pragmatism — and the most useful voices may be the ones urging both at once.

A new global report from Veeam exposes a widening gulf between recovery confidence and recovery reality, just as AI is accelerating the risks that make both matter more.

Every geopolitical crisis brings a second offensive, one that runs not on battlefields but through networks, hospitals, water systems and businesses. Since the US-Iran war began in February 2026, that reality has moved from warning to weekly headline. Three cybersecurity leaders explain what it takes to stay standing when conflict follows you home through your own systems.

Stolen GitHub credentials. Silent data exfiltration through DNS. Ungoverned AI agents roaming enterprise networks with administrator-level access. Three research disclosures, one sobering conclusion: ChatGPT has been handling the world's most sensitive data inside an environment that attackers could have exploited at will.

A hidden communication path inside ChatGPT's code execution environment let attackers drain sensitive conversations to external servers without triggering a single alert. The vulnerability is patched. But the security architecture question it raises is not.