Aryon Secures $29M to Thwart Cloud Risks Before Deployment

Michael Novinson • June 24, 2026

Aryon Security raised $29 million in Series A funding to help enterprises enforce security policies at cloud deployment, preventing misconfigurations, excessive permissions and insecure resources from reaching production environments across AWS, Azure and Google Cloud.

Artificial Intelligence & Machine Learning

Quest Software Acquires Identity Observability Vendor Anetac

Latest

Artificial Intelligence & Machine Learning

Open-Source Coalition Pushes California to Rework AI Act

Chris Riotta • June 24, 2026

A coalition of open-source artificial intelligence players are pressing California to rewrite a license-revocation provision in the state's AI Transparency Act, warning that the language as drafted clashes with how open-source licensing works and could seed uncertainty across the software supply chain.

Artificial Intelligence & Machine Learning

OpenAI Unveils 'Jalapeño' Inference Chip

Emilia David • June 24, 2026

OpenAI has introduced Jalapeño, its first custom inference chip developed with Broadcom and Celestica. The move marks a significant step toward vertical integration, giving OpenAI greater control over AI infrastructure, costs and performance while reducing reliance on third-party inference hardware.

Cyberwarfare / Nation-State Attacks

Stryker Seeks to Dismiss Class Action Lawsuit in Cyberattack

Marianne Kolbasuk McGee • June 24, 2026

Stryker is asking a court to dismiss proposed class action litigation filed by current and former employees who allege their personal information was compromised in a March cyberattack by Iranian hacktivists. The medtech manufacturer denies the workers' information was accessed in the incident.

Cybercrime

Infostealers StealC and Amadey Disrupted in Police Crackdown

Mathew J. Schwartz • June 24, 2026

Malware-as-a-service offerings Amadey and StealC have been targeted in an international law enforcement crackdown that also hit dropper/loader SocGholish, leading to 326 servers and 142 domains being disrupted, $47 million in cryptocurrency assets flagged and millions of stolen credential recovered.

Encryption & Key Management

Five Quantum Questions Every Bank CISO Should Ask

Uma Ramani • June 24, 2026

The standards are written, CERT-In has issued its CBOM guidance and adversaries are already harvesting encrypted data to decrypt later. The gap isn't quantum hardware. It's visibility. Here are five questions every bank CISO should answer now, starting with one: Do we have a cryptographic inventory?

Artificial Intelligence & Machine Learning

Five Eyes Warn the Frontier AI Cyberthreat Is Months Away

Chris Riotta • June 23, 2026

A rare joint statement from the Five Eyes cyber agencies is warning that frontier artificial intelligence will transform offensive hacking in just a matter of months - not years - while pressing leaders to treat cyber resilience as a core business risk.

Artificial Intelligence & Machine Learning

Microsoft Weighs DeepSeek for Copilot Amid Security Debate

Emilia David • June 23, 2026

Microsoft is testing alternative AI models, including China's DeepSeek v4, to reduce the cost of running Copilot Cowork's agentic workloads. While cheaper inference pricing could appeal to enterprises, security experts warn that governance, validation and oversight costs may offset any savings.

Agentic AI

Most Companies Overestimate Their AI Maturity

Jennifer Lawinski • June 23, 2026

Most companies believe they are ahead on AI, but EXL's latest enterprise AI study suggests few have truly scaled it. The leaders are pulling away by integrating AI across functions, improving data access and redesigning workflows around measurable business value.

3rd Party Risk Management

Xsolis Hack Affecting 1.4M Raises AI Vendor Risk Concerns

Marianne Kolbasuk McGee • June 23, 2026

A Tennessee-based vendor of AI-powered business decision support software for healthcare providers and insurers is notifying nearly 1.4 million people that their information was compromised in a recent hack. Experts said the incident spotlights growing risks to healthcare by AI-tech vendors.

Cybercrime

FortiBleed Is 'Tip of the Iceberg' of Edge Device Targeting

Mathew J. Schwartz • June 23, 2026

Discovery of the Fortinet credential-harvesting campaign tracked as "FortiBleed" appears to be the "tip of the iceberg" of edge device targeting, with honeypot telemetry revealing VPN and edge devices from Check Point, Cisco, Ivanti/Pulse, Palo Alto, OpenVPN and SonicWall also being top targets.

Cybercrime

2 British Men Plead Guilty to Transport for London Hacks

Mathew J. Schwartz • June 23, 2026

Two young Englishmen pleaded guilty to hacking London Underground operator Transport for London. The 2024 attack by the Scattered Spider cybercrime group members Thalha Jubair, 20, and Owen Flowers, 18, led to $38 million in losses and recovery costs.

3rd Party Risk Management

North Korean Hackers Poison Mastra AI Framework

Tiffany Wang • June 22, 2026

Microsoft says North Korean-linked BlueNoroff compromised a Mastra npm maintainer account and published more than 140 malicious packages, using a software supply-chain attack to distribute infostealers, backdoors and credential theft tools through AI development environments.