Patching stories
Organisations will need to widen cyber planning beyond a checklist as Australia moves to replace the Essential Eight with risk-based Essentials guidance.
The real risk lies in unpatched flaws, as attackers increasingly exploit fixes already available but not yet installed.
Defenders face added pressure as the update covers two actively exploited flaws and a SharePoint bug that could enable remote code execution.
Legacy systems and slow patching are leaving banks exposed, with financial services hit by more than double the average cyberattacks per device.
Most fixable flaws in live AI cloud systems are still exposed, with Orca finding 99.9% remain unpatched across major platforms.
Downtime from slow devices and failed apps is prompting larger firms to unify endpoint, security and experience tools, IDC says.
Weak default safeguards and uneven sandboxing could leave developers exposed to command execution before workspace trust is granted.
Enterprises can now patch older open source software without disruptive upgrades, as IBM and Red Hat target stubborn vulnerability backlogs.
Sensitive physics and engineering research at US and Canadian universities may have been exposed after hackers used Roundcube flaws to enter mail servers.
The real risk is growing backlogs and patching delays, as AI speeds up exploit development faster than security teams can respond.
Security teams are being pushed to prioritise more than ever, as vulnerabilities now make up 42.6% of critical exposures, Check Point says.
New safeguards will let Fable 5 block more harmful cyber prompts, as Anthropic also seeks a common scale for jailbreak risk.
Only a small share of alerts proved urgent, but critical vulnerability exposures more than doubled as phishing also surged in the report.
Banks are seeing attackers favour stealthy access over ransomware, with a UK-specific exploit hitting nearly half of monitored sensors.
Banks face a shrinking window to harden legacy systems as cheap AI tools make vulnerability hunting and repeat attacks far easier for criminals.
IT teams can now manage Windows and Mac devices from one platform, with new tools aimed at closing patch gaps and speeding enrolment.
The plan could speed defences across government and vital sectors, but experts warn weak basics and policy gaps may blunt its impact.
Security teams may be able to cut false alarms as Picus says its new platform proves whether a vulnerability can actually be exploited.
It targets defence and government teams needing to handle sensitive data in disconnected environments without direct internet access.
The province found hidden security flaws in public sector systems in hours, a task officials say could have taken a manual review 6.5 years.