OneTrust AI Governance OneTrust offers AI Governance, a platform that automates compliance and provides continuous monitoring of the AI landscape, across the software lifecycle starting with any AI usage at the beginning of any build. It can detect policy violations,… Read More "AI-SPM buyer’s guide: 14 tools to secure your AI infrastructure"
Prompt injection remains an unsolved architectural problem that could hamper the development of AI, said Ariel Fogel, a contributor to the Open Worldwide Application Security Project (OWASP), during Infosecurity Europe 2026. Fogel, an AI security researcher at Pillar Security’s office… Read More "Prompt Injection Remains Unsolved, OWASP Researcher Warns"
A recently patched vulnerability affecting Cisco’s Unified Communications Manager (Unified CM) product is being exploited in attacks, according to exploit intelligence firm Defused. Cisco announced patches for the vulnerability, tracked as CVE-2026-20230, on June 3. The company said the critical… Read More "Hackers Exploiting Cisco Unified CM Vulnerability"
ChatGPT users have gained two new security controls: one aimed at preventing data theft through prompt injection and another at tracking account sign-ins. According to OpenAI, the first of these, Lockdown Mode, is an optional setting that limits how far… Read More "OpenAI Unveils ChatGPT Account Security Controls"
A likely North Korean threat actor has phished software developers at almost 100 organizations with fake job and code-review lures to steal cryptocurrency and credentials. According to new analysis from Proofpoint, which tracks the cluster as UNK_DeadDrop, the campaign sent… Read More "North Korean Hackers Use Fake Coding Tasks to Steal Crypto"
%202.png?w=1140&resize=1140,855&ssl=1 "Vendor Due Diligence Questionnaire (Free Template)")
Vendor due diligence questionnaires are a type of security questionnaire for third-party vendors or service providers that are an essential part of any third-party risk management program (TPRM) program. By using a vendor due diligence questionnaire, security teams can evaluate… Read More "Vendor Due Diligence Questionnaire (Free Template)"
A U.S. official told The Associated Press on Tuesday that one of Anthropic’s artificial intelligence models had identified vulnerabilities in highly sensitive and secure U.S. government computer systems during a testing exercise. The official, who spoke on the condition of… Read More "Anthropic’s Mythos Model Found Vulnerabilities in Classified US Government Systems, Official Says"
A newly discovered critical vulnerability in the FFmpeg media processing framework bundled in a huge number of open source and commercial applications points, again, to the need for CSOs to have strategies to deal with software supply chain vulnerabilities, which… Read More "Hole in widely-used FFmpeg codec could crash media servers or enable RCE"
A critical vulnerability in the Cline Kanban server has been disclosed that allows any website a developer visits to silently exfiltrate workspace data, inject commands into the AI agent’s terminal or kill active agent sessions. The flaw, given a CVSS… Read More "Cline Kanban Flaw Lets Websites Hijack AI Coding Agents"
Vendor Risk Management (VRM) is a broad category that encompasses all measures that your organization can take to prevent data breaches and ensure business continuity. Legal issues, past performance, and creditworthiness are some of the common VRM issues that all… Read More "Vendor Risk Management Checklist (Updated 2026)"
