According to the 2026 Verizon Data Breach Investigations Report, the threat environment is transforming in terms of speed, scale, and interconnected risk. For the first time in its history, vulnerability exploitation was identified as the top initial access vector, representing 31% of attacks, and the report found that ransomware, third-party attacks, and misuse of AI are all on the rise, both for attack purposes and within organizations. Increasing pressure on security teams includes worsening patch cycles, mobile-focused social engineering campaigns, and shadow AI, all of which increase the risk of source code/data leakage. What underlies all of these trends is a move toward targeting the entire software development process…
Kirsten Doyle
The Verizon 2026 Data Breach Investigations Report (DBIR) reveals a threat environment moving much faster than many organizations can reasonably protect themselves against. Based on information collected from more than 31,000 security incidents and over 22,000 confirmed data breaches spanning 145 different countries, the DBIR reveals a changing face to how attackers get in, how fast vulnerabilities are exploited, and the role of AI in both attack and defense. This year’s report makes it clear that vulnerability exploitation has overtaken credential abuse as the top method of initial access to breached networks.

Vulnerability exploitation overtakes stolen credentials

In past years, compromised credentials were the most common reason…
The UK’s National Cyber Security Centre (NCSC) has advised businesses to proceed with caution when considering the implementation of agent-based AI, suggesting that agentic AI represents an entirely different kind of security problem compared to generative AI. According to a recent blog post and global guidance, produced in cooperation with authorities in the US, Australia, Canada, and New Zealand, the NCSC advised organisations to “learn to walk before you can run” when using autonomous AI capable of operating without human input. The guidelines show how agentic AI systems increase the attack surface by integrating large language models with external tools, memory, data feeds, and automation processes. As highlighted by the NCSC,…
A security breach notification process has been initiated by 7-Eleven as a result of a security incident where an outside party was able to gain access to their systems containing franchisers’ information. According to a breach notification filed with the state of Maine, the company discovered that threat actors accessed some of its internal systems on 8 April 2026. The company claims that there were just two cases involving individuals in the state of Maine, indicating that perhaps the effects of this breach were not very widespread. The compromised environment allegedly held documents related to franchising applications that contained personally identifiable information, such as applicants’ names and addresses. Additional data elements that may have been exposed…
OpenAI has confirmed that two employee devices were compromised in the recent TanStack npm supply chain attack, prompting the company to rotate code-signing certificates and require macOS users to update their applications by 12 June. In a security advisory published this week, the company said it found no evidence that customer data, production systems, or intellectual property were accessed or altered during the incident. The compromise is related to a larger campaign known as “Mini Shai-Hulud,” which is an example of a software supply chain attack targeting commonly used packages from npm and PyPI repositories. The TanStack web application development framework, one of the many frameworks impacted by the attack, was exploited…
Microsoft has disclosed a zero-day vulnerability that affects Exchange Server 2016, 2019, and Subscription Edition. This vulnerability would give bad actors an opportunity to run arbitrary code remotely on the Exchange server. Although Microsoft has not issued any patches for this security vulnerability, they suggested two possible mitigations until a solution becomes available. According to Microsoft, one preferred mitigation strategy is to activate the Exchange Emergency Mitigation (EM) Service, which provides protection for all customers whose EM Service remains enabled by default. The announcement was made at a time when Microsoft was releasing its May 2026 Patch Tuesday updates, which fixed more than 120 vulnerabilities across applications such…
West Pharmaceutical Services has disclosed a ransomware attack that disrupted manufacturing, shipping, and receiving operations across multiple global facilities after bad actors breached the company’s network on 4 May. The pharmaceutical packaging manufacturer said attackers exfiltrated data and encrypted systems, forcing the company to proactively shut down portions of its infrastructure to contain the incident. “We continue to make good progress in the restoration of our systems. Our outside counsel promptly engaged Palo Alto Networks Unit 42 to support the Company’s investigation, containment, and recovery efforts, in coordination with other external experts,” the company added. It said it has restored its core enterprise systems, and critical processes for shipping, receiving, and manufacturing have restarted at…
A new report from Tenable is warning that organizations are creating what it describes as a growing “AI exposure gap,” as enterprises race to deploy AI tools and cloud-native services faster than security and governance teams can keep up. The “Cloud and AI Security Risk Report 2026” examined telemetry data gathered from public cloud and enterprise ecosystems from April to October 2025, while the AI-related data was taken until December 2025. The findings revealed that many organizations were unknowingly increasing their attack surface via overprivileged AI identities, vulnerable third-party libraries, and cloud credentials. In addition to those findings, 18% of enterprises had identities…
Microsoft is poised to set a new record for yearly patching by having released patches for over 130 vulnerabilities as part of its May Patch Tuesday release, pushing Microsoft’s total number of patched vulnerabilities to over 500 in just five months in 2026. Researchers at Microsoft and other organizations said that AI-enabled vulnerability discovery systems have greatly accelerated and amplified the process of discovering security flaws. There were about 137 to 138 security updates issued by Microsoft addressing 30 critical vulnerabilities, as well as various other vulnerabilities including those that could allow remote code execution and privilege elevation on Azure DevOps, DNS, Netlogon, Office, and Windows networking…
Foxconn has confirmed that several of its North American factories were hit by a cyberattack, after the Nitrogen ransomware group claimed to have stolen 8TB of data comprising more than 11 million files. According to the bad actor, the information supposedly obtained contains private directives, project details, technical drawings, and related project documents that pertain to companies such as Intel, Apple, Google, Dell, and Nvidia. These claims have not been independently verified yet. In a statement shared with media outlets, Foxconn acknowledged the breach and confirmed that attackers had stolen 8TB of data and more than 11 million documents. Some of the company’s factories in North America…
