Google’s Device Bound Session Credentials are a meaningful step forward against infostealer malware. They also have significant limits that security teams need to understand before assuming the problem is solved. On April 10, 2026, Google made Device Bound Session Credentials (DBSC) generally available to Windows users in Chrome 146. The ... Read More

The FBI’s 2025 Internet Crime Report landed with a number that should stop every security leader cold: $20.877 billion in reported cybercrime losses. One million complaints filed in a single year. A 26% increase in losses from 2024 alone. But the IC3 report tells you what happened. Constella’s 2026 Identity ... Read More

Security has shifted—but many strategies haven’t For decades, cybersecurity strategies have focused on protecting infrastructure: Firewalls Endpoints Networks But attackers have evolved. Today, they don’t need to break in. They log in. And that shift has made identity the most critical—and most overlooked—attack surface. Why identity has become the primary ... Read More

78% of recently breached organizations had corporate credentials sitting in infostealer logs before the breach was ever detected. The 48-hour window is not a countdown to disaster. It is the window where the attack can still be stopped. When a breach investigation begins, forensic teams reconstruct what happened: which system ... Read More

Iranian state-linked hackers published emails stolen from FBI Director Kash Patel’s personal account. The lesson for every security leader: no title protects you from an exposed digital footprint. On March 27, 2026, the Handala Hack Team, a group U.S. prosecutors have formally tied to Iran’s Ministry of Intelligence and Security, ... Read More

The misconception: more data intelligence equals better security In cybersecurity, there’s a common assumption: More data = more visibility = better protection But in reality, more data often creates more problems. Security teams today are overwhelmed with: Alerts Feeds Data sources Yet many still struggle to understand what actually matters ... Read More

Constella is pleased to announce that Andres Andreu, CEO has been named a finalist for the Resilient CISO Award as part of the 2026 SC Awards, presented by SC Media Awards and CyberRisk Alliance, and sponsored by Absolute Security. Now in its 29th year, the SC Awards recognize solutions, organizations, ... Read More

In the world of cybersecurity, there are “loud” companies, the ones whose logos you see on every corner, and then there are the “backbone” companies. These are the giants that hum quietly in the background, processing healthcare claims, managing highway tolls, and cutting child support checks. Conduent is a titan of the ... Read More

In the world of cybersecurity, there are “loud” companies, the ones whose logos you see on every corner, and then there are the “backbone” companies. These are the giants that hum quietly in the background, processing healthcare claims, managing highway tolls, and cutting child support checks. Conduent is a titan of the ... Read More

The 2026 Identity Breach Report marks a definitive shift in the cyber threat landscape, transitioning from simple data collection to what can only be described as the Industrialization of Identity. As adversaries adopt machine-scale automation, they are no longer just “leaking” data—they are running high-velocity pipelines designed to weaponize human identities ... Read More