Recent Posts

Beyond Compliance: Building Continuous Confidence in Risk, Governance, and Cybersecurity by Pathan Humam

Across industries, organizations are investing heavily in cybersecurity controls, compliance frameworks, and assurance programs. Yet many leadership teams still struggle to answer a simple but critical question with confidence: “What is our risk posture right now—and can we trust it?” As cyber threats accelerate, regulatory 

Week 4 – Actively Exploited Zero-Day RCE Hits Cisco Unified CM and Webex Calling

12 – 18 Jan 2026 This week’s CVE of the Week is about the recent remote code execution vulnerability in Cisco’s Unified Communications (CM) products and Webex Calling Dedicated Instance that has been actively exploited as a zero-day. This vulnerability is due to improper validation 

Cyber (In)Securities – Issue 185

Week 3 – AI Agents Under Attack: High-Risk Vulnerability in ServiceNow

12 – 18 Jan 2026 Our CVE of the Week series continues with an AI Agent vulnerability that affected ServiceNow, one of the most popular cloud-based platforms for IT and business process automation. The CVE-2025-12420 vulnerability, assigned a CVSS 4.0 score of 9.3, allows 

CyAN Position on Proposed Amendments to the UK Children’s Wellbeing and Schools Bill (HL Bill 135)

CyAN’s position statement opposing proposed amendments to the UK child protection bill that would restrict privacy and impact information security

Week 2 – Wake up from this “Ni8mare”

5 – 11 Jan 2026 A new year, the same mission: raising awareness of critical vulnerabilities. Our CVE of the Week series continues in 2026 to help you stay ahead of emerging security risks. Let’s get started. Our first choice in 2026 is a vulnerability 

Cyber (In)Securities – Issue 184

Real Estate’s Data Reckoning Was Always Coming

In September 2024, I published an article on LinkedIn titled The Cost of Convenience: How Data Mismanagement and Ticket-Clipping Models are Failing Renters. It was written out of growing unease, not hindsight. At the time, the concern was simple but deeply uncomfortable: real estate agencies 

When “Just a Tool” Stops Being a Defence

Over the past three days, a pattern has emerged that is difficult to dismiss as coincidence, mischief, or edge-case misuse. Investigations reported by reputable outlets, including The Guardian, reveal that Grok, an AI image generation tool, has been used to produce sexualised fake images of 

Software Supply Chain Failures: The Emerging Priority in Application Security by Karthikeyan Ramdass

As modern software ecosystems become increasingly interconnected, software supply chain security has emerged as one of the most critical challenges in application security today. In this article, CyAN member Karthikeyan Ramdass examines why Software Supply Chain Failures, ranked as A03 in the OWASP Top 10:2025,