Why email security needs its EDR moment to move beyond prevention
Email security is stuck where antivirus was a decade ago—focused only on prevention. Learn from Material Security why it's time for an "EDR for email" mindset: visibility, post-compromise controls, and SaaS-wide protection.
Microsoft investigates outage impacting Copilot, Office.com
Microsoft is investigating an ongoing issue preventing users across North America from accessing Office.com and the company's Copilot AI-powered assistant.
« Ça a commencé par des nuggets gratuits », comment une hackeuse a mis McDonald’s face à ses failles de sécurité
Une hackeuse professionnelle, connue sous le pseudonyme « Bobdahacker », raconte comment sa chasse aux vulnérabilités chez McDonald's, entamée par une simple commande de nuggets gratuits, a révélé d'autres failles de sécurité et conduit au licenciement d’une employée qui avait accepté de l’aider. Un rapport de
Major Belgian telecom firm says cyberattack compromised data on 850,000 accounts
The company said no critical data was accessed, but the hacker "gained access to one of our IT systems that contains the following data: name, first name, telephone number, SIM card number, PUK code, tariff plan.”
Russian investment platform confirms cyberattack by pro-Ukraine hackers
The Russian platform Investment Projects said it is working to restore its infrastructure following a cyberattack claimed by the pro-Ukraine group Cyber Anarchy Squad.
"Set It and Forget It” Access Control is Not Enough | CSA
We don’t need to throw out RBAC, but we need to evolve beyond it. Modern identity security requires understanding the full picture of effective permissions.
Global Port Disruptions are Redefining Supply Chain Strategies - interos.ai
Recent headlines about the Panama Canal, port concessions in Latin America, and strategic realignments in global shipping have reignited conversations across the logistics and procurement world. For organizations, these developments are immediate signals to assess risk exposure, optimize routing decisions and reevaluate resilience strategies. At interos.ai, our latest analysis shows that these developments are already....
Introducing CSA’s MCP Security Resource Center — the first open industry hub for securing the Model Context Protocol and the broader agentic AI control plane.
Subverting AIOps Systems Through Poisoned Input Data - Schneier on Security
In this input integrity attack against an AI system, researchers were able to fool AIOps tools: AIOps refers to the use of LLM-based agents to gather and analyze application telemetry, including system logs, performance metrics, traces, and alerts, to detect problems and then suggest or carry out corrective actions. The likes of Cisco have deployed AIops in a conversational interface that admins can use to prompt for information about system performance. Some AIOps tools can respond to such queries by automatically implementing fixes, or suggesting scripts that can address issues...
BLACK HAT FIRESIDE CHAT: Straiker extends ‘red teaming’ to the AI layer as AI attacks surge
The enterprise software model that defined the past two decades — SaaS — is being rapidly eclipsed by a new center of gravity: AI-native systems. These are autonomous agents wired directly into company data, tools, and workflows. Related: LLMs fuel automated attacks According to Straiker CEO Ankur Shah, this shift is happening faster than cloud
Comment ces cyberespions nord-coréens ont infiltré les ambassades étrangères basées à Séoul
Dans un rapport publié le 18 août 2025, les chercheurs de la société de cybersécurité Trellix décortiquent les dessous d'une campagne de cyberespionnage qui dure depuis des mois. En protagoniste principal, on retrouve Kimsuky, un groupe de hackers nords-coréens lié au pouvoir de Pyongyang. Leurs cibles ? Les
Microsoft releases emergency updates to fix Windows recovery
Microsoft has released emergency Windows out-of-band updates to resolve a known issue breaking reset and recovery operations after installing the August 2025 Windows security updates.