Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...
Security Boulevard

MY TAKE: As RSAC 2026 opens, AI has bifurcated cybersecurity into two wars—the clock is running

RSAC 2026 opens here Monday at Moscone Center, with upwards of 40,000 cybersecurity professionals, executives, and policy leaders, myself among them, filing in to take stock of an industry under acute ...
Security Boulevard

Amazon Lost 6.3 Million Orders to Vibe Coding. Your SOC Is Next.

Amazon mandated AI coding tools and suffered a 6-hour outage costing 6.3 million orders. The same AI quality crisis now emerging in SOC operations. The post Amazon Lost 6.3 Million Orders to Vibe ...
Security Boulevard

The OWASP Top 10 for LLM Applications (2025): Explained Simply

The OWASP Top 10 for LLM Applications is the most widely referenced framework for understanding these risks. First released in 2023, OWASP updated the list in late 2024 to reflect real-world incidents ...
Security Boulevard

AI-Driven Offensive Security: The Current Landscape and What It Means for Defense

The capabilities of modern AI models have advanced far beyond what most people in the security industry have fully internalized. AI-generated phishing, script writing, and basic offensive automation ...
Security Boulevard

Your SIEM Isn’t Broken. Your Investigation Layer Is Missing.

Analysts take 56 min per alert. 40% of alerts go uninvestigated. The problem isn't SIEM — it's the investigation layer that was never built. The post Your SIEM Isn’t Broken. Your Investigation Layer ...
Security Boulevard

The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub

GitGuardian’s 5th State of Secrets Sprawl report is here. In this blog, we unpack the key findings behind the 2026 edition, ...
Security Boulevard

News alert: SpyCloud study reveal stolen tokens, session data fuel surge in non-human identity attacks

SpyCloud, the leader in identity threat protection, today released its annual 2026 Identity Exposure Report, one of the most ...
Security Boulevard

How controlled should your cloud-native AI security be

Are Your Machine Identities and Secrets Secure? The management of Non-Human Identities (NHIs) and secrets is a foundational aspect of robust cloud-native security. NHIs, often described as machine ...
Security Boulevard

Your Lateral Movement Detection Tools Are Missing 90% of Attacks. Here’s Why.

Compare lateral movement detection tools vs. Attack Path Discovery. Understand how Morpheus AI correlates full attack paths in under 2 minutes. The post Your Lateral Movement Detection Tools Are ...
Security Boulevard

Are you certain your Agentic AI optimally performs

How Can Non-Human Identities Enhance Agentic AI Performance? What strategies are you employing to manage non-human identities (NHIs) within your organization? The notion of NHIs encompasses more than ...
Security Boulevard

Anton’s Vibe Coding Experience: A Reflection on Risk Decisions

Look, I’m not a developer, and the last time I truly “wrote code” was probably a good number of years ago (and it was ...