Data & infrastructure
-
Flowise RCE shows AI builder risk
A critical Flowise vulnerability shows how self-hosted AI builder tools can become infrastructure exposure through connectors, credentials, workflow imports, and server-side execution.
-
Microsoft outage exposes identity dependency
Microsoft’s MFA setup and My Sign-Ins incident exposed the operational dependency now carried by cloud identity platforms, enrolment workflows, and access recovery.
-
Red Hat packages hit npm supply chain
A reported Red Hat npm package compromise puts trusted namespaces, CI/CD publishing, cloud credentials, and developer secrets under fresh software supply-chain scrutiny.
-
AUKUS moves undersea resilience into capability
AUKUS partners plan uncrewed undersea systems from 2027, placing cable, pipeline, telecoms, energy, and cloud dependency inside the UK’s cyber-physical resilience agenda.
-
France keeps Exchange alert active
France has kept its Exchange Server warning active, keeping exposed mail infrastructure, emergency mitigations, and compromise detection inside the current European risk cycle.
-
France flags enterprise patch pressure
France’s cyber agency has flagged another heavy enterprise patch week, with infrastructure, identity, cloud, application, and security platforms all competing for risk-based remediation.
-
Belgium warns Netlogon flaw is exploited
Belgium says a critical Netlogon flaw is now being exploited, putting domain-controller patching, compromise detection, and Active Directory recovery at the centre of enterprise identity risk.
-
MPs press FCA over Palantir data risk
The FCA says its Palantir trial uses encrypted data under regulator control, but MPs and campaigners want clearer answers on US legal exposure, procurement dependency, and public-sector AI governance.
-
Residential proxies are breaking trusted traffic
A Dutch botnet takedown shows how residential proxy abuse is weakening old assumptions about trusted traffic, with consequences for IP reputation, geolocation, identity controls, and fraud detection.
-
The security stack now needs its own controls
Recent Fortinet and Trend Micro disclosures show how endpoint management and security platforms have become privileged infrastructure, requiring governance that goes beyond patching and product trust.