A critical vulnerability in the Cline Kanban server has been disclosed that allows any website a developer visits to silently exfiltrate workspace data, inject commands into the AI agent’s terminal or kill active agent sessions. The flaw, given a CVSS… Read More "Cline Kanban Flaw Lets Websites Hijack AI Coding Agents"
Vendor Risk Management (VRM) is a broad category that encompasses all measures that your organization can take to prevent data breaches and ensure business continuity. Legal issues, past performance, and creditworthiness are some of the common VRM issues that all… Read More "Vendor Risk Management Checklist (Updated 2026)"
The data collected included full prompts and transcriptions, private conversations, people and performance data, Wired said, adding, “Meta executives have repeatedly defended the data-gathering project, saying it was necessary to train AI systems to operate computer software the way humans… Read More "Meta pauses employee monitoring program after data protections fail"
Traditional network security tools are inhibiting firms from adequate data security as a majority of IT leaders report that data security has never been more critical. A new report, commissioned by Capital One Software with research conducted by Forrester, found… Read More "Legacy Security Tools Failing Data Protection"
Vulnerability exploitation has overtaken compromised credentials for the first time in nearly two decades as the most common initial access vector for data breaches, according to Verizon. The tech giant’s Data Breach investigations Report (DBIR) has been providing threat landscape… Read More "Verizon DBIR: Vulnerability Exploits Overtake Credentials"
President Donald Trump on Monday signed an executive order to strengthen data protection in preparation for the arrival of practical quantum computing. Executive Order 14409 highlights the threat posed by ‘harvest now, decrypt later’, in which threat actors exfiltrate encrypted… Read More "Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration "
Security researchers have sounded the alarm over new scareware designed to lock users’ browsers and drive them to fraudulent tech support teams. Since the start of 2026, Barracuda researchers said they have observed around 2.8 million attacks which used the scareware… Read More "Researchers Warn CypherLoc Scareware Has Targeted Millions of Users"
A Russian initial access broker (IAB) is targeting over 430,000 FortiGate firewalls as part of the FortiBleed credential-harvesting campaign, SOCRadar reports. Discovered last week, the campaign has been ongoing since at least February, and was initially believed to be Fortinet-exclusive.… Read More "Russian Initial Access Broker Behind FortiBleed Campaign"
Sarika Sharma Sarika, a cybersecurity enthusiast, contributes insightful articles to Fidelis Security, guiding readers through the complexities of digital security with clarity and passion. Beyond her writing, she actively engages in the cybersecurity community, staying informed about emerging trends and… Read More "CWPP Integration with Your Security Stack"
Ravie LakshmananJun 23, 2026Initial Access Broker / Firewall Security A Russian-speaking initial access broker (IAB) driven by financial gain is assessed to be behind a large-scale credential-harvesting operation known as FortiBleed that has targeted over 430,000 FortiGate firewalls globally. The… Read More "FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation"
