The AI Governance Gap: Verizon’s 2026 DBIR Shows Attackers Scaling AI While Employees Leak Data Through It
On May 20, 2026, Verizon published the 2026 Data Breach Investigations Report with a dedicated AI section built on original research conducted with Anthropic. The study examined 793 threat actors and found the median actor used AI across 15 MITRE ATT&CK techniques. AI-assisted text in phishing emails doubled year ...
The Remediation Paradox: Verizon’s 2026 DBIR Shows Exploitation Winning While Defenders Patch Slower
On May 20, 2026, Verizon published the [2026 Data Breach Investigations Report](https://www.verizon.com/business/resources/reports/dbir/). The headline number is hard to miss. For the first time in the report's history, vulnerability exploitation overtook credential theft as the number one initial access vector in confirmed breaches. Exploitation rose to 31 percent of initial access ...
The Extension Blind Spot: How One VS Code Plugin Gave Attackers GitHub’s Source Code
GitHub's 3,800 Repositories Stolen Through a Single IDE Extension: On May 19, 2026, a single VS Code extension on a single employee's device gave attackers access to 3,800 of GitHub's internal repositories. GitHub confirmed the breach the following morning, disclosed that it had rotated critical credentials and cryptographic keys overnight, ...
Five Years of US Privacy Breach Data Tell a Story Security Leaders Cannot Ignore
In April 2026 alone, the ShinyHunters extortion group breached ADT (5.5 million customers), Amtrak (2.1 million confirmed records), and McGraw-Hill (13.5 million student and educator accounts). All three attacks followed the same pattern. An employee credential was compromised through social engineering or infostealer malware, which gave the attackers access to ...
Mean Time to Exploit Has Gone Negative. Security Strategy Has to Change.
Mandiant's M-Trends 2026 report puts estimated mean time to exploit at negative seven days. That number should reset how security leaders think about vulnerability management. It means exploitation is now routinely occurring before a patch is available ...
When Elite Cyber Teams Can’t Crack Web Security
HTB's 2025 benchmark tested 796 security teams. Only 21% passed web security challenges ...
The Invisible Threat: Business Logic Flaws in Modern Applications and Why Scanners Miss Them
In today's security landscape, some of the most dangerous vulnerabilities aren't flagged by automated scanners at all. These are the business logic flaws: subtle mistakes in an application's design or workflow that malicious actors can exploit by doing the unexpected. As a result, companies can be blindsided by breaches even ...
The Engagement Ratchet: How YouTube, Instagram, and Amazon Trained Users to Accept Less Control
Earlier this year, YouTube began rolling out a row of algorithmically recommended videos at the top of the Subscriptions page. The section, labeled "most relevant," surfaces content the algorithm predicts the user will engage with, pulled from channels the user already follows. The subscription feed still exists below it. But ...
While TSA Made Headlines, CISA Went Dark
The Department of Homeland Security has been partially shut down for over 45 days. In that time, 460 TSA officers have quit, absences at major airports have exceeded 30%, and the TSA acting head publicly warned the agency may need to decide which airports to keep open and which to ...

