CISO Diaries: Jason Stradley on Turning Cybersecurity into a Business Decision
One of the biggest shifts in cybersecurity over the past decade has been the evolution of the CISO from technical expert to business strategist. Few people have witnessed and helped drive that transformation more closely than Jason Stradley. A four-time CISO, published author, and longtime security executive, Stradley has built ...
How LeoList Is Rethinking Safety for Sensitive Platforms in the Age of AI Fraud
Platform safety is a solved problem until it is not. Most platforms invest heavily in moderation only after a crisis forces their hand. A viral story. A regulatory hearing. A lawsuit. The pattern has become familiar: wait, react, patch. Sensitive platforms, the ones handling anonymous users, personal transactions, and vulnerable ...
CyCognito Details HTTP/2 Memory Exhaustion Threat Affecting Apache HTTP Server
CyCognito has detailed an emerging denial-of-service risk affecting Apache HTTP Server deployments through CVE-2026-49975, a vulnerability tied to HTTP/2 memory exhaustion in the mod_http2 module. The issue, described by CyCognito as part of an attack technique nicknamed the “HTTP/2 Bomb,” allows a remote attacker to use maliciously crafted HTTP/2 requests ...
CISO Diaries: Maurizio Imperadore on Security as a Business Enabler
For many security leaders, the challenge is not identifying risks; it is deciding which ones deserve immediate attention and which can wait. Maurizio Imperadore has spent years operating at that intersection of technology, leadership, and business priorities. As Head of the Cybersecurity Team at Connect S.p.A. and a veteran network ...
Cybercrime Surge in Asia-Pacific: China and North Korea–Linked Groups Intensify Financial Sector Attacks
What happened: Cyber-threat groups linked to China and North Korea continue to heavily target financial services and cryptocurrency ecosystems across the Asia-Pacific region, according to CrowdStrike’s 2026 Financial Services Threat Landscape Report. Six of the nine most active threat groups targeting financial organizations in Q1 2026 were attributed to these ...
Microsoft’s Record 206-CVE Patch Tuesday Signals a New Era of AI-Driven Vulnerability Discovery
What happened: Microsoft’s June 2026 Patch Tuesday update included fixes for a record-breaking 206 unique vulnerabilities (CVEs), surpassing the company’s previous high of 175 vulnerabilities patched in October 2025. Security researchers say the unprecedented volume reflects a growing trend fueled by AI-assisted vulnerability discovery. Among the vulnerabilities addressed are three ...
Hades-Themed “Mini Shai-Hulud” Worm Hits PyPI in Latest Open Source Supply Chain Attack
What happened: Threat actors have launched a new wave of supply chain attacks against the Python Package Index (PyPI), distributing malicious packages as part of an evolving campaign linked to the Shai-Hulud worm. According to research from the Socket Research Team, the latest variant, referred to as “Mini Shai-Hulud,” compromised ...
Silent Data Extortion Campaign Hits US Law Firms Through Vishing and Remote Access Abuse
What happened: A financially motivated threat group is conducting a targeted data theft and extortion campaign against US legal, professional, and financial services firms using a blend of phishing, voice-based social engineering, and legitimate remote access tools. According to Google’s Mandiant division, the activity is linked to a threat cluster ...
Evanston Township High School Hit by Ransomware Attack, Summer Programs Suspended
What happened: Evanston Township High School (ETHS) District 202 in Illinois has been impacted by a ransomware attack that disrupted access to district systems, internet services, and computer infrastructure. The incident was discovered on June 7, prompting the district to activate its incident response procedures and engage external cybersecurity experts ...
AI Agent Discovers 21 FFmpeg Vulnerabilities, Highlighting Growing Security Challenge
What happened: A cybersecurity startup called depthfirst has reported discovering 21 previously unknown vulnerabilities in FFmpeg, one of the world’s most widely used open-source multimedia frameworks. The vulnerabilities were identified by an autonomous AI-powered security agent that analyzed approximately 1.5 million lines of FFmpeg source code and generated proof-of-concept demonstrations ...

