Short story long

The Most Dangerous AI Tool Got Breached. What is an Adequate Disclosure Strategy?

Anthropic's handling of the Mythos breach is a useful case study of where disclosure practices for security breaches still need to catch up.

Abstract visualization of AI code scanning for Project Glasswing security vulnerabilities.

Project Glasswing Proves Frontier AI Can Break – and Fix – Software

Anthropic's Project Glasswing signals a new era where frontier AI hunts vulnerabilities at scale. Here's what security teams need to understand – and do – right now.

Why GRC Fails – and What a Framework That Actually Works Looks Like

Most GRC programs fail not because the framework is wrong, but because it's built to satisfy auditors, not protect businesses. Here's what that costs you – and how to do it differently.

What Is GRC? Governance, Risk, and Compliance Explained

GRC connects governance, risk, and compliance into a single decision-making system. Here's what each pillar means, how they interact, and how businesses apply them in practice.

Illustrated silhouettes of figures in a red-lit corridor, depicting the covert nature of penetration testing and red team security operations

Pen Testing, Red Teaming, and Why No Scanner Can Replace Either

Pen testing and red teaming are often used interchangeably. They're not. Here's what each actually does, when you need which, and why automated scanners can't replace either.

The Axios npm Attack: What It Means for Every JavaScript Project

axios is the JavaScript library most apps use to talk to the internet. On March 31, two malicious versions were quietly published to npm — and anyone who ran npm install during a three-hour window may have a remote access trojan on their machine. Full technical breakdown inside.

Illustration of Android security layers showing anti-root, anti-hook, and anti-debug protection mechanisms

Understanding & Defeating Android Protections

Discover how hackers bypass Android root detection, anti-hooking, and anti-debug protections with real code examples and penetration testing techniques to strengthen your mobile security knowledge.

Silhouette of a person in front of a glowing red screen displaying lines of code, illustrating the security risks of AI-generated code

Is AI-Generated Code Secure? What Business Leaders Need to Know About AI and Application Security

We asked AI to build three web apps with different levels of security guidance, then tried to break them. Here’s what we found.

Row of humanoid robots working at computers, illustrating automated AI-generated code development and the security risks of vibe-coded applications

Security Gaps in Vibe-Coded Applications

An evaluation of AI-generated code security found that while detailed security prompts lead to improved outcomes, consistent vulnerabilities and gaps remain even with strict guidance.

Cyber Security Model v4: How MOD Suppliers Can Prepare for Stricter Cyber Rules

Learn how MOD suppliers can prepare for CSMv4 with support from a DCC Level 1 certified company.

Red cartoon crab mascot with glowing green eyes representing OpenClaw (formerly Moltbot), a viral AI agent with serious security risks

OpenClaw: Viral AI Sidekick That Puts You and Your Data at Risk

OpenClaw showcases how powerful “local-first” AI agents can be, but it also shows how quickly convenience can turn into a security liability.

Abstract blue geometric forms towering over a lone figure, illustrating the complexity of EU Cyber Resilience Act compliance for digital product teams

Cyber Resilience Act: How to Prepare Your Digital Products for EU Compliance

The clock’s ticking: the Cyber Resilience Act brings strict security rules across your product’s lifecycle.

Cybersecurity Trends 2026 Explained: AI Threats, Compliance, and Operational Resilience

Cybersecurity in 2026 is all about AI-driven attacks, stricter global regulations, and supply chain exposure – here's how to stay ahead.

Flat-design illustration of a developer working on a laptop atop a dark cloud formation against a red-orange background, representing software supply chain security from code to cloud deployment

Securing Your Software Supply Chain: A Step-by-Step Framework

Software supply chain security is now critical to protecting not just your code, but everything your code depends on. Learn how to secure your systems.

The Cost of Cyberattack in 2025

Discover how cybercrime grew into a $10.5 trillion economy in 2025 and why resilience, not luck, is the only defense.

Cybersecurity Trends 2025: Threats, Hacks, and Counterattacks

Discover the latest cybersecurity trends for 2025. Arm yourself with the knowledge and tools to stay secure in the face of evolving threats.

Level Up Your SDLC to SSDLC for Ultimate Application Security

Discover how adopting the Secure Development Life Cycle (SSDLC) can strengthen your application's security against ever-evolving cyber threats.

Patch Me If You Can – 3 Takeaways from the CrowdStrike Crisis

Infinum's SecOps team director shares what we can learn from the incident that got 8,5 million screens worldwide singing the blues.

NIS2 and DORA, the Power Couple of EU Cybersecurity Legislation

We demystify NIS2 and DORA, the two powerful pieces of cybersecurity legislation in the EU, and explain what they mean for your business.

How Do Phishing Simulations Contribute to Enterprise Security?

Find out and strengthen your defenses by identifying weaknesses and educating your teams.