In this photo illustration, the Ivanti logo is seen displayed on a smartphone screen

CISA gives agencies 3 days to patch maximum severity Ivanti vulnerability

Laura FrenchJune 12, 2026

CISA’s newest binding operational directive imposes short deadlines for the most severe flaws.

RESOURCES

Identity
How to Build an AI Governance Framework for Identity
Identity
How to Evaluate and Select Identity and Access Management Tools
Identity
Identity-based attacks: how they work and how to defend against them
AI/ML
Guardrails for agents: How to secure AI at runtime
Identity
Laying the groundwork: A practical path to identity security for AI agents

PODCASTS

Vulnerability Management
Phones, Sarlaccs, Maine, Chinese Sites, Ivanti, Bitlocker, Peoplesoft, and More – SWN #589
Vulnerability Management
Trolling Microsoft With Vulnerabilities – PSW #930
Leadership
Innovation Without Data Security Risk as AI Unlocks Budgets and Identity Challenges – Tony Kelly – BSW #451
Vulnerability Management
Geinbot, SolarWinds, Brave, UNK_Deaddrop, durabletask, Insta, Aaran Leyland… – SWN #588
Application security
Scanner Results Are a Starting Point. Here’s What Comes Next. – Federico Kirschbaum – ASW #386

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Iran Flag Digital Binary Code Cyberpunk Technology Concept

Critical Infrastructure Security

Iran-linked group Handala claims to steal Cal Water customer info

Steve ZurierJune 12, 2026

Experts say that Handala has a history of overstating its capabilities and in this case the water system was not disrupted.

Glowing server core sits inside transparent cube on circuit board. Digital data streams flow, suggesting network security protection. Futuristic tech concept for system defense.

Application security

Docker security scanner uses AI to help explain, fix vulnerabilities

Stephen WeigandJune 12, 2026

AI-powered DockSec helps developers prioritize, understand and fix software vulnerabilities.

FBI seizure notice displayed on the website for “Centrik Global Consulting.”

Threat Intelligence

FBI shuts down 13 ‘consulting’ websites used for suspected Chinese espionage

Laura FrenchJune 11, 2026

The sites were used to lure security clearance holders into divulging classified information.

(Credit: Careto – stock.adobe.com)

‘Mythos-level’ Fable model released to public: How Anthropic plans to prevent misuse

Laura FrenchJune 11, 2026

Safeguard layers aim to block and reroute cyber-related requests while retaining Mythos-level capabilities.

Magnifying glass red bug bounty, green binary code, identify and submit vulnerability reports

ServiceNow says security researchers, not hackers, accessed data

Steve ZurierJune 10, 2026

ServiceNow investigates access issue, says no attacker activity found.

Mini Shai-Hulud ‘Hades’ variant affects 23 PyPI package versions

Laura FrenchJune 10, 2026

The JavaScript stealer payload includes an anti-analysis LLM prompt injection.

Vulnerability Management

CISA adds Check Point VPN bug to list of exploited vulnerabilities

Steve ZurierJune 9, 2026

CISA warns of an exploited Check Point VPN flaw that lets attackers bypass authentication.

Suspected North Korean actors use fake ‘coding assignments’ to steal crypto

Laura FrenchJune 9, 2026

Targets are encouraged to clone Git repositories to their VS Code or Cursor code editors.

EVENTS