Court Axes Investor Lawsuit Over CrowdStrike Software Update

Michael Novinson • January 14, 2026

A U.S. district judge tossed most claims from investors accusing CrowdStrike of misrepresenting its software testing rigor before a July 2024 outage. The judge said two statements about federal compliance could plausibly be misleading, but said plaintiffs failed to establish intent or recklessness.

Agentic AI

Cyera Secures $400M Series F to Lead in Agentic AI Security

Latest

Leadership & Executive Communication

Incorporating Geopolitical Risk Into Your IT Strategy

Jennifer Lawinski • January 14, 2026

IT organizations know how to plan for outages, but even the most rigorously designed strategy is vulnerable to the shifting winds of geopolitics. CIOs and technology leaders need to know how their organizations will respond to geopolitical disruptions, and scenario planning needs to be a priority.

Artificial Intelligence & Machine Learning

Washington Scrutinizes Trump's Push for AI Speed Over Safety

Chris Riotta • January 14, 2026

The White House is shifting to artificial intelligence policy execution with a focus on deregulation, tech exports and energy capacity, according to the director of the White House Office of Science and Technology Policy, framing global tech competition with China as a national priority.

Fraud Management & Cybercrime

PharMerica Will Pay at Least $5.2M to Settle Hack Lawsuit

Marianne Kolbasuk McGee • January 14, 2026

Pharmacy services firm PharMerica will pay at least $5.27 million - plus millions more on enhancing its security - as part of a preliminary class action settlement approved this week by a federal court involving a 2023 data theft incident the company reported as affecting 5.8 million individuals.

Security Operations

Verizon Outage Felt Across United States

David Perera • January 14, 2026

Verizon customers along the Eastern Seaboard and Southern parts of the United States lost mobile phone connectivity Wednesday in an incident that appears to have peaked around 1 p.m.

Artificial Intelligence & Machine Learning

Flaw in AI Libraries Exposes Models to Remote Code Execution

Rashmi Ramesh • January 14, 2026

Researchers discovered remote code execution vulnerabilities in three AI libraries from Apple, Salesforce and Nvidia used by models with tens of millions of Hugging Face downloads, allowing attackers to hide malicious code in model metadata.

Leadership & Executive Communication

The Difference Between Answering for and Owning It

Brandy Harris • January 14, 2026

In some cybersecurity organizations, expertise and visible leadership don't reside in the same role. Usually, the person with the most influence on cybersecurity decisions is the owner, but it does not always work out that way. Fortunately, there are things you can do to change that for your career.

Cyberwarfare / Nation-State Attacks

Lawmakers Urged to Let US Take on 'Offensive' Cyber Role

Chris Riotta • January 13, 2026

Cyber policy analysts told lawmakers that the United States' cyber deterrence efforts are failing, allowing China and others to embed in critical infrastructure networks with minimal cost, while calling for faster, coordinated offensive actions across federal agencies.

Fraud Management & Cybercrime

Cancer Center: Hackers Stole Research Files, Encrypted Data

Marianne Kolbasuk McGee • January 13, 2026

Cancer patients who participated in University of Hawaii Cancer Center studies during the 1990s may soon receive a notification that ransomware hackers stole their data in an August 2025 incident. Experts said the hack spotlights concerning risks involving compromises of medical research data.

Card Not Present Fraud

Magecart Hits Continue: Stripe Spoofing, Supply Chain Risks

Mathew J. Schwartz • January 13, 2026

Magecart-style digital skimming attacks targeting payment card data continue, with researchers detailing an active campaign targeting the popular WooCommerce platform and Stripe. Separately, widely used ConnectPOS exposing its code repository for years, posing a supply-chain risk for customers.

Endpoint Security

One Simple Trick to Knock Out the Wi-Fi Network

Greg Sirico • January 13, 2026

A flaw in Broadcom chipsets commonly used in wireless routers allows attackers to repeatedly knock offline the 5 gigahertz band, no matter how strong the security settings, say researchers.

3rd Party Risk Management

AI Supply Chain Risk: Will CIOs Be Held Accountable?

Rahul Neel Mani • January 13, 2026

IT organizations have built processes for reducing vendor risk, but in the AI era, that operating model is being dismantled. Modern AI environments are built on dynamic external foundational models, countless APIs, open-source components and continuous data pipelines that pose risks.

Data Privacy

Dark Patterns, Children's Data and Corporate Fiduciary Risk

Maryam Shoraka • January 13, 2026

Children's data is entering a new regulatory era where dark patterns, defaults and monetization choices can signal breached fiduciary duty. As privacy, safety and consumer laws converge globally, CISOs must treat manipulative UX, consent flows and retention practices as core security and governance risks.