ERP users may soon get ahead by going headless, says Rimini Street boss
Look to AI agents and open source to escape the vendor-driven upgrade cycle
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Windows version of SprySOCKS Linux malware used to attack govt orgs
Windows variants for the SprySOCKS Linux malware have been used in attacks targeting government organizations in at least four countries. [...]
France's digital sovereignty push is struggling to escape the Microsoft gravity well
Nextcloud rollout shows locally controlled storage is one thing; getting users off Office is quite another
Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications…
Inside the cloud's new agentic AI-ready, Arm-powered foundation
PARTNER CONTENT: From hyperscalers to enterprises, performance-per-watt and system-level efficiency are redefining the cloud compute foundation
iRhythm discloses data breach, says hackers stole patient info
Digital healthcare company iRhythm Holdings has disclosed a data breach after hackers stole patients' personal and health information stored on third-party-hosted business applicat…
Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks
Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write. The post Cisco Patches Another SD-WAN Zero-D…
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild. The vulnerability, tracked …
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, r…
A modest proposal: Reformat everything to make documents more palatable to AI
What's up, DocLang?
DOJ seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act
The U.S. Department of Justice announced Friday that it has seized the CFAKE.com and SOCFAKE.com websites, which allegedly hosted nonconsensual AI-generated nude images and videos …
Cisco SD-WAN make-me-root bug under attack
Second Catalyst SD-WAN Manager flaw exploited as an 0-day this month
Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher
According to the one person who actually read the research paper
AI has changed data architecture, but storage hasn't caught up
SPONSORED FEATURE: AI's hunger for data outstrips storage smarts, leaving GPUs famished
DARPA seeks swappable satellites to help with future star wars
Worried that an unexpected strike could take out critical orbital systems, Pentagon researchers want to know how fast the industry thinks it could launch replacements
SimpleHelp bug lets hackers create rogue remote support accounts
A vulnerability in the SimpleHelp remote management software allows unauthenticated attackers to create privileged technician accounts on servers using the OpenID Connect (OIDC) au…
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails
A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense ema…
Anthropic reserves right to check ID for Claude subs
How can I help you today? Present your papers to begin
North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels
Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famo…
HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk
The denial-of-service (DoS) exploit takes advantage of two features in HTTP/2 that were designed to save Internet bandwith, not power massive amplification attacks.
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
The critical, three-stage attack is now patched, but it's part of a new group of AI prompt-injection issues that use hidden URLs and other variables.
HPE offers VMware refugees a year off the meter
Free VM Essentials license and cut-price Zerto dangled at customers eyeing a platform escape
NB579: Datadog Unleashes Autonomous Agents; SpaceX Launches IPO
Take a Network Break! Our Red Alert covers critical vulnerabilities in Ivanti Sentry, including OS command injection and authentication bypass, for which patches are now available.…
Council of Europe hacked in ShinyHunters' PeopleSoft heist
Joins the ranks of Nottingham Uni and 100 other unnamed victims
OptinMonster WordPress plugin hacked in CDN supply-chain attack
WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive-s content distribution network (CDN). [...]
Java's Project Valhalla finally lands a preview in JDK 28
Don't hold your breath, though – architect Brian Goetz warns devs it will likely still be preview in next LTS release
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileg…
China-Nexus Actor Spies on US Researchers Undetected for a Year
Google discovered and disrupted the sprawling campaign, which stole RedCAP credentials to breach numerous institutions and exfiltrate sensitive data.
Feds snooze as US datacenter law set to lapse with no replacement in site
Federal Data Center Enhancement Act (FDCEA) of 2023 covers standards including security and sustainability
Most CISOs Report Pressure to Bury Bad Security News
Executive leaders may not be saying it aloud, but business objectives and priorities don't always promote timely disclosures.