Cyber Security
7 articles
Blinding the Watchman: Why an Unauthenticated RCE on Splunk Is a Detection-Integrity Emergency
CVE-2026-20253 is a CVSS 9.8 on Splunk Enterprise — but the score measures the bug, not the asset. When the box that lands a file-write primitive is the one your whole detection program treats as ground truth, the first thing an attacker buys is the power to make the watchman lie. Patch it, then assume its testimony is suspect.
Signed, Reviewed, Verified — and Still Malicious
Fifteen JetBrains plugins stole developer AI keys while passing every trust signal the marketplace offers. The controls did their jobs — their jobs were just the wrong ones.
The management plane is the front line: defending Tier-0 network gear after the 2026 KEV wave
Three mid-2026 vulnerabilities added to CISA's KEV catalog all hit devices built to protect networks — VPN, SD-WAN, and endpoint-management consoles. Here's how to prioritize and defend them.
Defending Against CI/CD Attacks in 2026
The pipelines that ship your software have quietly become the softest part of the attack surface. A field guide to treating configuration as a security boundary.
The build pipeline is the target: what the 2026 axios npm compromise teaches about supply-chain defense
Two malicious axios versions ran attacker code at install time before any application ever called the library. Here is how install-time (postinstall) script attacks and self-propagating npm worms work, and the concrete steps that bound the damage to your CI/CD pipelines and publishing tokens.
The Phantom Ransomware Group That Ran Off a Phone
0APT posted 190-plus victims in its first week from an Android phone's SD card. None were real. The funny part is the phone; the useful part is what it tells you about every leak-site number you've ever counted.
Where CISO liability really lives now
The SEC dropped its SolarWinds cyber-disclosure case against the company and its CISO with prejudice in November 2025. Here is why that narrows one enforcement avenue without removing the exposures that should actually drive your disclosure program, and what to check in the next 90 days.