Weekly Update 494
10 March 2026 Since starting HIBP a dozen and a bit years ago, I've loaded an average of one breach...
AndyC
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
How Piggybacking Attacks Threaten Organizational Security?
Organizations invest heavily in advanced cybersecurity technologies such as endpoint detection, identity access management, zero trust architecture, and continuous...
![TrendAI™ at [un]prompted 2026: From KYC Exploits to Agentic Defense](https://www.trendmicro.com/content/dam/trendmicro/global/en/research/thumbnails/26/unprompted-976-2.png)
TrendAI™ at [un]prompted 2026: From KYC Exploits to Agentic Defense
The sessions from Sean Park and Peter Girnus with Demeng Chen captured the attention of attendees because they painted a...
Anthropic’s US gov’t lawsuit says federal action “unprecedented and unlawful”
“As the proceedings drag on, as they inevitably will, time becomes an asset for Anthropic rather than a liability. In...
FBI alert: scammers target zoning permit applicants
FBI alert: scammers target zoning permit applicants Pierluigi Paganini March 09, 2026 The FBI warns of phishing attacks where crooks...
Anomalous Prompt Injection Detection in Quantum-Secured AI Pipelines
The basics of identity and access management Ever felt like you're drowning in a sea of passwords just to...
Escape raises $18M Series A to replace legacy scanners with AI agent-driven discovery, pentesting, and remediation
Attackers move in hours. Most security teams are still running weekly scans. Today we are proud to announce our...
My Really Fun RSA 2026 Presentations!
This blog is perhaps a little bit more like an ad, so if you don’t want to check the...
Are scalable secrets management systems more effective
Are Your Machine Identities Secure? Have you ever wondered about the invisible workforce within your systems? These are not...
What is the Salesforce GraphQL Exploit and What You Should Do
Learn how misconfigured Salesforce Experience Cloud guest user settings is being exploited, and how AppOmni detects against these threats...
AEO vs GEO vs AIO: What These Terms Actually Mean and Why Your Business Needs to Care
If you have spent any time in marketing circles over the past year, you have probably noticed three acronyms...
Welcome Our Newest Associate Participating Organizations
We are pleased to welcome the newest organizations that have joined as Associate Participating Organizations of the PCI Security Standards...
Russia-linked hackers target Signal, WhatsApp of officials globally
Russia-linked hackers target Signal, WhatsApp of officials globally Pierluigi Paganini March 09, 2026 Russia-linked hackers are targeting Signal and WhatsApp...
Identity Crisis: Global Firms Face Mounting Risks Amid AI Surge and Lack of Recovery Testing
Organizations may be increasingly adopting Identity Threat Detection and Response (ITDR) practices, but a critical gap in disaster recovery...
Randall Munroe’s XKCD ‘Dinosaurs And Non-Dinosaurs’
via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink *** This is a Security...