How Ceros Gives Security Teams Visibility and Control in Claude Code
Security teams have spent years building identity and access controls for human users and service accounts. But a new category...
access
Web Shells, Tunnels, and Ransomware: Dissecting a Warlock Attack
Following initial access, the threat actors conducted extensive lateral movement using a combination of legitimate administration tools and credential abuse....
Unprivileged users could exploit AppArmor bugs to gain root access
Unprivileged users could exploit AppArmor bugs to gain root access Pierluigi Paganini March 16, 2026 Researchers found nine “CrackArmor” flaws...
Initial access techniques used by Iran-based threat actors
Iranian‑linked threat groups often use a core set of initial access methods. The threat actors favor cost-effective, repeatable intrusion techniques...
RSAC 2026 Innovation Sandbox – Glide Identity: Building a Next-Generation AI Passwordless Authentication Platform
Company Profile With the rapid development of artificial intelligence technology today, identity and access control have leapt from a...
SafeNet Trusted Access is Now Available on Google Cloud Marketplace
SafeNet Trusted Access is Now Available on Google Cloud Marketplace madhavThu, 03/12/2026 – 05:10 We’re excited to share that...
Attackers exploit FortiGate devices to access sensitive network information
Attackers exploit FortiGate devices to access sensitive network information Pierluigi Paganini March 10, 2026 Attackers are exploiting FortiGate devices to...
Anomalous Prompt Injection Detection in Quantum-Secured AI Pipelines
The basics of identity and access management Ever felt like you're drowning in a sea of passwords just to...
How AI Assistants are Moving the Security Goalposts
AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate...
How AI Assistants are Moving the Security Goalposts
AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can...
Okta vs Microsoft Entra ID: Which Enterprise SSO Platform Is Better?
Enterprise organizations rely on identity providers to manage authentication, secure access to applications, and automate identity lifecycle management. Two...
OpenClaw Security Risk: OAuth and SaaS Identity
OpenClaw runs on an employee’s machine. But the access it creates lives inside Slack, Salesforce, Google Workspace, GitHub, and...
SolarWinds patches four critical Serv-U flaws enabling root access
SolarWinds patches four critical Serv-U flaws enabling root access Pierluigi Paganini February 24, 2026 SolarWinds addressed four critical Serv-U vulnerabilities...
Romanian hacker pleads guilty to selling access to Oregon state networks
Romanian hacker pleads guilty to selling access to Oregon state networks Pierluigi Paganini February 23, 2026 A Romanian man pleaded...
Beyond Remediation: How Mitigation Controls Close the Gap in Segregation of Duties Compliance
Managing Segregation of Duties risk doesn’t always mean removing access. Sometimes, the smarter path is monitoring the risk you’ve...
