Deleted Google Cloud API keys can remain functional for up to 23 minutes, posing security risks for Gemini, BigQuery, and Maps APIs.

Microsoft phases out SMS authentication for personal accounts, shifting to passkeys for stronger security. Learn what this means for users.

Anthropic enables partners to share Mythos cybersecurity findings, boosting collective defense against emerging threats.

New data reveals 'identity dark matter' now makes up 57% of enterprise identity risk, just as Agent AI adoption surges. Are you prepared?

A new phishing platform called EvilTokens compromised over 340 Microsoft 365 organizations in five weeks by exploiting OAuth device authentication flows to bypass MFA.

Ghostwriter, a Belarus-linked threat group, targets Ukrainian government with geofenced PDF phishing and Cobalt Strike in latest cyber espionage campaign.

New GitLab vulnerabilities enable XSS and unauthenticated DoS attacks. Emergency patches released on May 13, 2026. Update now to protect CI/CD pipelines.

Over 150 malicious RubyGems packages were discovered in the GemStuffer campaign, exfiltrating scraped UK council portal data via the registry.

This week's cybersecurity news highlights persistent vulnerabilities, supply chain attacks, and evolving malware tactics targeting Linux and macOS users.

Application security is no longer just a developer issue. Enterprise leaders must treat it as a board-level responsibility with built-in accountability and risk reduction.