Security vulnerabilities stories

Businesses are boosting cloud security efforts as rising cloud adoption brings complex risks, requiring new strategies to protect sensitive data and maintain compliance.

The Cloud Security Alliance's 2025 report reveals repeated cloud security failures, urging firms to bolster identity controls and shared defence measures.

Google's GTIG reports 75 zero-day exploits in 2024, highlighting a rising threat to enterprise tech despite a slight overall decrease from 2023.

GitHub Copilot has exceeded 15 million users, growing rapidly as Microsoft advances its AI tools in software development and cloud services.

70% of firms manage more machine than human identities, with only 38% having real-time oversight, exposing a growing cybersecurity risk.

Legit Security has launched AI features in its platform to help developers quickly identify and fix software vulnerabilities, enhancing app security and compliance.

Diligent teams up with Cloudflare and Qualys to launch Cyber Risk Report, offering real-time threat insights for boards and executives on one platform.

NetRise launches ZeroLens, an AI tool that detects undisclosed software weaknesses in compiled code, aiming to prevent cyberattacks before vulnerabilities emerge.

Anetac launches Human Link Pro, unifying human and non-human identity management with AI to combat rising security risks amid workforce shifts globally.

BeyondTrust launches free Identity Security Risk Assessment, helping organisations identify and address vulnerabilities across cloud, hybrid, and on-premise environments.

Checkmarx integrates its Application Security Posture Management into IDEs, enhancing developer experience by streamlining vulnerability management and boosting AppSec efficiency.

Skyfire and Cequence Security partner to enable secure, compliant access and transactions for AI agents across digital services globally.

Qualys unveils Policy Audit to boost compliance efficiency, cut costs, and reduce risks amid rising regulatory demands and system complexities.

Datadog reveals updated DevSecOps report showing Java’s vulnerabilities and announces Metaplane acquisition to boost data observability and AI monitoring.

Armis launches free Vulnerability Intelligence Database to help security teams anticipate and tackle cyber threats with real-time, AI-driven insights.

The Cloud Native Computing Foundation has awarded its highest maturity status to in-toto, a security framework ensuring integrity in software development workflows.

Perforce Software updates Puppet Enterprise Advanced to accelerate vulnerability fixes and boost collaboration amid rising cyber threats and AI-driven attacks.

Cycode launches AI Teammates and CI/MON runtime protection to enhance software supply chain security and threat detection in application security.

Tenable Research revealed a privilege escalation flaw in Google Cloud Composer, risking unauthorised access to key cloud resources before Google's fix.

Socket has acquired cybersecurity startup Coana to enhance its supply chain security platform, cutting false positives by up to 80% for faster threat remediation.