Aggregator

Netskope's Sanjay Beri on Data Risk, Agent Visibility and Enabling AI Safely
AI adoption has outrun enterprise security, leaving data exposed and controls nonexistent. Sanjay Beri, co-founder and CEO at Netskope, says the answer isn't restriction. It's visibility, context and a culture of enablement.

Car Hacking Village's Ghali on Automotive Security for AI-Driven Mobility Ecosystem
As vehicles evolve into connected, software-defined systems, cybersecurity risks now extend beyond the car itself. Kamel Ghali, vice president at Car Hacking Village, explains why threat modeling, AI safety and ecosystemwide visibility are critical in modern automotive security.

Rain Capital's Lefort on Overcapitalization and Cybersecurity's Barbell Effect
Cybersecurity funding hit all-time highs in 2025, rivaling the 2021 boom, said Sidra Ahmed Lefort, venture partner at Rain Capital. A "barbell effect" has taken hold, with capital concentrating at the earliest and latest stages while squeezing the Series cB and C middle.

Costanoa Ventures' John Cowgill on Moving From Static Analysis to Runtime Defense
Artificial intelligence-generated code is arriving faster than security teams can review it, and the risks are moving from the line level to the system level, says John Cowgill, partner at Costanoa Ventures.

Исследование с участием James Webb меняет взгляд на связь атмосферы и магнитного поля у газовых гигантов.

ShinyHunters claims it breached European Commission systems, leaking 350GB of data. Officials are investigating, with no independent verification yet.

Случайно открытый черновик рассказал о модели, которая обходит прежний флагман и пока пугает даже собственных создателей

Попытка сэкономить на экспертах превращается в рискованный билет в один конец.

A vulnerability labeled as problematic has been found in Langflow. Affected is an unknown function of the component v2 API. Such manipulation leads to path traversal. This vulnerability is documented as CVE-2026-33309. The attack requires being on the local network. There is not any exploit available.

A vulnerability classified as critical has been found in Tabs Mail Carrier 2.5.1. Affected by this vulnerability is an unknown functionality of the component SMTP Service. The manipulation of the argument MAIL FROM leads to out-of-bounds write. This vulnerability is referenced as CVE-2019-25646. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability was found in langflow-ai langflow up to 1.8.x. It has been declared as problematic. The impacted element is an unknown function. The manipulation results in injection. This vulnerability is reported as CVE-2026-33475. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability identified as critical has been detected in langflow-ai langflow up to 1.8.1. Affected is an unknown function of the file /api/v2/files/ of the component Incomplete Fix CVE-2025-68478. Performing a manipulation results in path traversal. This vulnerability is known as CVE-2026-33309. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 148. Impacted is an unknown function of the component WebRender. Performing a manipulation results in use after free. This vulnerability is identified as CVE-2026-4684. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Mozilla Firefox up to 148. The affected element is an unknown function of the component Canvas2D. Executing a manipulation can lead to memory corruption. This vulnerability is tracked as CVE-2026-4686. The attack can be launched remotely. No exploit exists. You should upgrade the affected component.

A vulnerability has been found in Mozilla Firefox up to 148 and classified as critical. The impacted element is an unknown function of the component Telemetry. The manipulation leads to sandbox issue. This vulnerability is listed as CVE-2026-4687. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.

A vulnerability was found in Mozilla Firefox up to 148 and classified as critical. This affects an unknown function of the component Access API. The manipulation results in use after free. This vulnerability is cataloged as CVE-2026-4688. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.