Recent discoveries have unveiled a series of critical vulnerabilities affecting Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL. These flaws pose significant risks by potentially enabling unauthorized access to sensitive data across tenant environments. According to a report by cloud security firm Wiz, these vulnerabilities could have allowed…
In May 2023, Microsoft released its Patch Tuesday updates, addressing 38 security vulnerabilities, including two major zero-day flaws that are currently being exploited. The updates aim to fortify Windows systems against active threats that pose significant risks to users and businesses. Trend Micro’s Zero Day Initiative has highlighted that this…
Cloud Security, Cloud-Native Application Protection Platform (CNAPP), Data Security Series B Round at $1.5B Valuation Fuels Expansion into AI, Application, and Data Security Michael Novinson (MichaelNovinson) • January 26, 2026 Amiram Shachar, co-founder and CEO, Upwind (Image: Upwind) Upwind, a cloud security startup led by a former NetApp executive, has…
Cloud Security, Cloud-Native Application Protection Platform (CNAPP), Security Operations Increasing Investments Could Enhance Cloud Security Competition Against Major Players Michael Novinson (MichaelNovinson) • January 21, 2026 The cybersecurity landscape has experienced a significant shift, transitioning from a dry spell to a surge in funding for emerging companies. See Also: On-Demand…
AI-Based Attacks, Fraud Management & Cybercrime, Governance & Risk Management Also: Non-Human Identities Transforming Security; Insights from the Delinea-StrongDM Acquisition Anna Delaney (annamadeline) • January 23, 2026 . Pictured from left to right: Anna Delaney, Mathew Schwartz, Michael Novinson, and Tom Field This week’s ISMG panel convened four editors to…
Cybersecurity experts have identified a new peer-to-peer (P2P) worm named P2PInfect, which specifically targets vulnerable Redis installations for subsequent exploitation. Unlike many previous threats, P2PInfect can compromise Redis servers operating on both Linux and Windows platforms, making it a particularly formidable threat, as noted by researchers from Palo Alto Networks’…
Agentic AI, Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Startup Targets MSSPs and MDR Vendors, Shadow AI Detection and Global Growth Michael Novinson (MichaelNovinson) • January 13, 2026 Rick Caccia, co-founder, WitnessAI (Image: WitnessAI) WitnessAI, a startup focused on AI security, has successfully secured $58 million in…
Artificial Intelligence & Machine Learning, Endpoint Security, Next-Generation Technologies & Secure Development Palo Alto Networks Returns to Smaller Acquisitions Following Major Recent Deals Michael Novinson (MichaelNovinson) • January 6, 2026 Palo Alto Networks, a prominent player in platform security based in Silicon Valley, is looking to revert to smaller acquisitions…
A recent incident highlights a significant cybersecurity threat involving a counterfeit proof-of-concept (PoC) exploit for a newly identified vulnerability in WinRAR. This exploit was shared on GitHub with the malicious intent of infecting users who downloaded the code with Venom RAT malware. Researchers from Palo Alto Networks’ Unit 42, including…
