Latest from todayNewsPossible software supply chain attack through AWS CodeBuild service bluntedResearchers at Wiz, who discovered the hole, said it could have led to compromised AWS GitHub repositories.By Howard Solomon15 Jan 20265 minsDevelopment ToolsGitHubVulnerabilities News Eurail customer database hackedBy Julia Mutzbauer15 Jan 20262 minsCyberattacksCybercrimeData BreachNews Researchers warn of long‑running FortiSIEM root exploit vector as new CVE emergesBy Shweta Sharma15 Jan 20264 minsSecurityVulnerabilities NewsFrom typos to takeovers: Inside the industrialization of npm supply chain attacksBy Shweta Sharma 15 Jan 20266 minsDevelopment ToolsSecurityVulnerabilities FeatureWhat is AI fuzzing? And what tools, threats and challenges generative AI bringsBy Maria Korolov 15 Jan 202611 minsSecurityVulnerabilities News AnalysisRansomware gangs extort victims by citing compliance violationsBy Julia Mutzbauer 15 Jan 20262 minsComplianceMalwareRansomware News AnalysisSophisticated VoidLink malware framework targets Linux cloud serversBy Lucian Constantin 15 Jan 20265 minsCloud SecurityMalware NewsOutput from vibe coding tools prone to critical security flaws, study findsBy John E. Dunn 14 Jan 20265 minsArtificial IntelligenceDevelopment ToolsVulnerabilities NewsIran’s partial internet shutdown may be a windfall for cybersecurity intelBy Evan Schuman 14 Jan 20267 minsCyberattacksCybercrimeInternet Security More security newsnewsCrowdStrike to add browser security to Falcon with Seraphic acquisitionAs generative AI reshapes browser usage, the acquisition will bring in-session browser security to the Falcon platform.By Nidhi Singal 14 Jan 2026 4 minsBrowser SecurityEndpoint ProtectionGenerative AInews analysisUS cybersecurity weakened by congressional delays despite Plankey renominationSean Plankey’s renomination as CISA director offers some relief, but stalled legislation on cyber threat information sharing and state and local grants continues to strain the nation’s ability to counter rising cyber threats.By Cynthia Brumfield 14 Jan 2026 7 minsGovernmentGovernment ITSecuritynewsJanuary 2026 Microsoft Patch Tuesday: Actively exploited zero day needs attentionCSOs should also install updates for 3 certificates that will expire this year.By Howard Solomon 14 Jan 2026 7 minsSecurityVulnerabilitiesZero-Day VulnerabilitiesnewsCybersecurity risk will accelerate this year, fueled in part by AI, says World Economic ForumIts annual cybersecurity outlook says cyber resilience is key to lowering that risk, with AI the most significant driver of change for both attackers and defenders.By Howard Solomon 13 Jan 2026 7 minsArtificial IntelligenceSecuritynewsHigh-severity bug in Broadcom software enables easy WiFi denial-of-serviceDiscovered during fuzz testing, the bug affects Broadcom chipset software and requires a manual router reboot after each attack.By Shweta Sharma 13 Jan 2026 4 minsNetwork SecuritySecurityVulnerabilitiesnewsNotorious BreachForums hacking site hit by ‘doomsday’ leak of 324,000 criminal usersAfter two years of arrests and takedowns, is this the end for the hacking forum? By John E. Dunn 12 Jan 2026 4 minsCyberattacksData BreachHacker GroupsnewsMalicious npm packages target the n8n automation platform in a supply chain attackResearchers discovered malicious npm packages posing as n8n integrations, exfiltrating OAuth tokens and API keys from enterprise workflows.By Shweta Sharma 12 Jan 2026 3 minsCyberattacksSecurityVulnerabilitiesnewsIran-linked MuddyWater APT deploys Rust-based implant in latest campaignResearchers discover RustyWater malware targeting organizations in Israel and other Middle Eastern countriesBy Gyana Swain 12 Jan 2026 4 minsCyberattacksCybercrimeSecuritynewsTrend Micro patches critical flaws in its Apex Central softwareThe bugs could allow an attacker to take over an affected system for their own purposes, or to crash the software, causing a denial of service.By Maxwell Cooter 10 Jan 2026 4 minsSecurity Information and Event Management SoftwareSecurity SoftwareVulnerabilitiesnews analysisZombieAgent ChatGPT attack shows persistent data leak risks of AI agentsSecurity researchers from Radware have demonstrated techniques to exploit ChatGPT connections to third-party apps to turn indirect prompt injections into zero-click attacks with worm-like potential and persistent implications.By Lucian Constantin 9 Jan 2026 5 minsCyberattacksData and Information SecurityGenerative AInewsCrowdStrike to acquire SGNL for $740M, expanding real-time identity securityThe acquisition brings SGNL’s real-time, risk-aware authorization to CrowdStrike’s platform as machine identities and AI agents reshape access control.By Gyana Swain 9 Jan 2026 5 minsArtificial IntelligenceSecurityTechnology IndustrynewsCISA flags max-severity bug in HPE OneView amid active exploitationThe flaw allows remote code execution via a public REST API, giving attackers a direct path to compromise enterprise infrastructure.By Shweta Sharma 9 Jan 2026 3 minsSecurityVulnerabilities Show more Show less Explore a topicApplication SecurityBusiness ContinuityBusiness OperationsCareersCloud SecurityComplianceCritical InfrastructureCybercrimeIdentity and Access ManagementIndustryIT LeadershipNetwork SecurityPhysical SecurityPrivacyView all topics Spotlight: Setting the 2026 IT agenda Articles Buyer’s Guide Given the rapid pace of technology change today, IT leaders are setting their short-term agendas with agility, flexibility, and tangible business outcomes in mind. This month’s topic leans on Foundry’s original Tech Priorities research and external research, along with conversations with IT leaders to uncover enterprise technology trends for the year ahead. Automating, streamlining, and modernizing IT operations is a must as IT teams struggle with skill and staff shortages and increasing demands. A wide variety of tech vendors have solutions aimed at bring IT operations into the AI age. View all Popular topicsCybercrime opinionCybercrime Inc.: When hackers are better organized than ITBy Thomas Kress 14 Jan 2026 8 minsCybercrimeSecurity opinionThe 2 faces of AI: How emerging models empower and endanger cybersecurityBy Vaibhav Agrawal 8 Jan 2026 7 minsCyberattacksFraudZero-Day Vulnerabilities newsTaiwan subjected to 2.6 million Chinese cyberattacks a day in 2025By Viktor Eriksson 5 Jan 2026 2 minsCyberattacksCybercrimeSecurity View topic Careers interviewJamie Norton’s journey to CISO started with an early interest in computersBy Samira Sarraf 9 Jan 2026 12 minsC-SuiteCSO and CISOCareers news analysisCybersecurity skills matter more than headcount in the AI eraBy Denise Dubie 2 Jan 2026 7 minsCareersIT Skills and TrainingSecurity featureThe CSO guide to top security conferencesBy CSO Staff 29 Dec 2025 5 minsC-SuiteCSO and CISOEvents View topic IT Leadership feature8 things CISOs can’t afford to get wrong in 2026By Bob Violino 7 Jan 2026 11 minsCSO and CISOCloud SecurityThreat and Vulnerability Management feature6 strategies for building a high-performance cybersecurity teamBy Mary K. Pratt 6 Jan 2026 9 minsIT LeadershipIT Skills and TrainingSecurity Operations Center opinionHow the Organizational Risk Culture Standard can supercharge your cybersecurity cultureBy Maman Ibrahim and Gavriel Schneider 5 Jan 2026 11 minsIT LeadershipRisk ManagementSecurity Practices View topic In depth FeatureWho owns your data? SaaS contract security, privacy red flagsCompanies looking to use SaaS solutions should involve the security team in the procurement process and pay attention to contract language.By Andrada Fiscutean27 Mar 202410 mins Data and Information Security Read the Article Podcasts podcastsSponsored by Microsoft SecurityStrengthen and Streamline Your SecurityThis podcast series brought to you by Microsoft and IDG, will explore the core components of a modern security strategy, with insights and tips from leading security experts. We’ll discuss how ongoing and ever-changing threats, a growing security stack, and a shift to remote work make it difficult for CISOs and their security teams to balance enterprise-grade security with end-user productivity.4 episodesData and Information Security Ep. 03 Episode 3: The Zero Trust Model 20 Jun 202315 mins AuthenticationCSO and CISOZero Trust Ep. 04 Episode 4: Reduce SOC burnout 20 Jun 202315 mins CSO and CISOHybrid and Remote WorkPhishing Upcoming EventsMar/19 in-person event CSO ThreatScape Manchester19 Mar 2026Manchester, UK Cyberattacks May/14 in-person event CIO ForwardTech London14 May 2026London, UK Innovation Sep/24 in-person event CIO 100 Awards & Conference UK24 Sep 2026London, UK IT Leadership View all events Show me moreLatestArticlesPodcastsVideos brandpost Sponsored by CyberNewsWire SpyCloud Launches Supply Chain Solution to Combat Rising Third-Party Identity Threats By Cyber NewsWire – Paid Press Release14 Jan 20266 mins Business OperationsCyberattacksSupply Chain opinion Cybersecurity at the state and local level: Washington has the framework, it’s time to act By Kevin Powers14 Jan 20265 mins GovernmentLaws and RegulationsNetwork Security opinion For application security: SCA, SAST, DAST and MAST. What next? By Sunil Gentyala13 Jan 202610 mins Application SecurityDevSecOpsSecurity podcast Inside the SMB Threat Landscape: AT&T’s Senthil Ramakrishnan on Why Small Businesses Are Cybercrime’s Favorite Target By Joan Goodchild13 Jan 202623 mins CybercrimeSmall and Medium Business podcast CSO Executive Session ASEAN: The Human Firewall-Retention, AI Readiness, and Women in Cybersecurity By Estelle Quek12 Jan 202628 mins CyberattacksCybercrimeHuman Resources podcast Inside Visa’s Cyber Defense: CISO Subra Kumaraswamy on blending AI and Human Defense By Joan Goodchild15 Dec 202526 mins Application Security video Inside the SMB Threat Landscape: AT&T’s Senthil Ramakrishnan on Why Small Businesses Are Cybercrime’s Favorite Target By Joan Goodchild13 Jan 202623 mins CybercrimeSmall and Medium Business video CSO Executive Sessions ASEAN: The Human Firewall-Retention, AI Readiness, and Women in Cybersecurity By Estelle Quek12 Jan 202628 mins CyberattacksCybercrimeHuman Resources video Inside Visa’s Cyber Defense: CISO Subra Kumaraswamy on blending AI and Human Defense By Joan Goodchild15 Dec 202526 mins Application SecurityCSO and CISO