According to a new incident report by CERT Polska, coordinated cyberattacks targeted Poland’s energy sector in late December 2025. Wind farms, solar installations, and a combined heat and power...
CISA’s new Binding Operational Directive, BOD 26-02: Mitigating Risk from End-of-Support Edge Devices, addresses one of the most persistent and dangerous blind spots in modern enterprise security: unsupported devices...
Introducing the Phosphorus xIoT Compliance Report Phosphorus is introducing a new capability that changes how compliance works for connected devices. The Phosphorus xIoT Compliance Report shifts compliance from documentation...
The U.S. Coast Guard’s enforcement of 33 CFR Part 101, Subpart F draws a clear line in the water for ports and terminals. Cybersecurity is no longer advisory or...
You discovered a lot of xIoT devices! 6.8 Billion IP addresses scanned on behalf of our customers Top 10 device types you discovered: IP Phones Printers Network Appliances IP...
CISA’s latest joint advisory exposes a trend security teams have long suspected: pro-Russian hacktivist groups are exploiting unintentionally exposed industrial control interfaces to disrupt critical infrastructure. These groups lack...
Amazon Threat Intelligence has released new findings that should concern every organization operating connected devices. Presented at CYBERWARCON 2025 and detailed in Amazon’s security blog, the research outlines how...
Healthcare has never been more connected or more exposed. While IT systems have long been the focal point of cybersecurity programs, today’s adversaries are exploiting something far more expansive:...
In October 2025, thieves stole eight priceless jewels from the Louvre Museum in under ten minutes. They climbed a balcony, broke a window, and vanished before guards could respond.The...
In 2025, attackers no longer need zero-day exploits. They don’t need insider access. All they need is a device still running with its factory-set credentials. Default usernames and passwords...
For too long, vulnerability management has relied on CVSS scores alone to guide remediation priorities. But as CISOs and vulnerability managers know, severity does not equal risk. A “critical”...
This past weekend, airports across Europe, including Brussels, London Heathrow, and Berlin, were hit by a cyberattack that rippled far beyond the continent. Flight delays and cancellations cascaded into...