Kaiser Permanente to Disburse Payments Following Data Sharing Settlement Kaiser Permanente, a prominent player in the U.S. healthcare landscape, is preparing to issue payments to customers affected by an incident involving the unauthorized sharing of personal data and health information with third-party companies. This move comes in the wake of…
Microsoft recently addressed a significant vulnerability within its Copilot AI assistant, which permitted cybercriminals to extract sensitive user information with a single click on a seemingly legitimate URL. The breach was discovered by ethical hackers from the security firm Varonis, who demonstrated that their multi-layered attack could successfully illicit personal…
Third-Party Risk Management, Artificial Intelligence & Machine Learning, Cyberwarfare / Nation-State Attacks Guidance for CIOs on Evading ‘Geopolitical Lock-In’ in AI, Cloud, and Supply Chains Jennifer Lawinski • January 13, 2026 (Image: Shutterstock) In the current geopolitical climate, significant shifts and upheavals are commonplace. Global protests can destabilize governments overnight,…
Recent investigations by Google’s Threat Analysis Group (TAG) have revealed that North Korean hackers are persistently targeting the cybersecurity community through the exploitation of a zero-day vulnerability in an unspecified software application. This campaign has gained momentum over the past several weeks, highlighting sophisticated tactics employed to infiltrate the systems…
Microsoft has issued an update addressing 59 vulnerabilities across its suite of products, including two critical zero-day vulnerabilities that have already been exploited by malicious actors. This release highlights the ongoing threat landscape, with the tech giant emphasizing the risks posed by active exploitation of these flaws. Among the 59…
Microsoft has released an emergency security update to address a serious zero-day vulnerability affecting Internet Explorer (IE). This critical flaw, which is actively being exploited, poses significant risks to Windows systems worldwide. The vulnerability, designated as CVE-2018-8653, was identified by Clement Lecigne from Google’s Threat Analysis Group. It is a…
Recent investigations have uncovered a series of memory corruption vulnerabilities within the ncurses library, which is instrumental for managing terminal displays on Unix-like operating systems, including Linux and macOS. These vulnerabilities, if exploited, could allow malicious actors to execute harmful code on susceptible systems, heightening the risk for organizations utilizing…
You should reconsider your trust. Vulnerabilities could be lurking beneath the surface. The modular design of contemporary web applications contributes significantly to their efficiency. These applications can utilize a plethora of third-party components, JavaScript frameworks, and open-source tools to deliver diverse functionalities that enhance customer experience. However, this complex web…
Agentic AI, Data Security Blackstone-Backed Funding Round Boosts R&D and Partnerships to Tackle AI Security Challenges Michael Novinson (@MichaelNovinson) • January 8, 2026 Jason Clark, Chief Strategy Officer, Cyera (Image: Cyera) A data security startup, founded by a former leader of Israeli Military Intelligence, has secured $400 million to confront…
