The Hacker News | Expert Insights

The world of identity security is in constant motion. What was once a straightforward matter of usernames and passwords has evolved into a complex ecosystem of biometrics, hardware tokens, and zero-trust architectures. As we look toward 2026, the pace of change is only accelerating. The lines between our digital and physical identities are blurring, and the threat landscape is becoming more sophisticated. Chief Information Security Officers spend their days on the front lines of this evolution. Staying ahead isn't just about reacting to threats; it's about anticipating them to reduce risk. Based on the trends I'm seeing today, here are 9 identity security predictions for where we'll be in 2026. 1. AI will become the primary identity governance tool. Manual access reviews and role-based access control (RBAC) models are already showing their age. By 2026, AI-driven identity governance and administration (IGA) will be standard. These systems will continuously analyze u...

Brand impersonation in e-commerce has evolved beyond isolated scam websites into a repeatable, industrialized fraud model operating at global scale . CTM360’s latest threat intelligence research analyzes a coordinated campaign—referred to as FraudWear —that demonstrates how attackers are systematically exploiting consumer trust in well-known fashion brands through tens of thousands of fraudulent online stores. Unlike traditional phishing operations, these campaigns do not rely on simple deception or low-effort spoofing. Instead, they replicate the full structure and behavior of legitimate e-commerce platforms , including storefront design, product catalogs, checkout workflows, localized marketing, and payment processing. Each site functions as a disposable asset within a broader, resilient fraud ecosystem. Read the full report here: https://www.ctm360.com/reports/fraudwear-brand-impersonating-online-stores Scale and Targeting Patterns CTM360 identified more than 30,000 malicio...

According to research by IBM, organizations use an average of 83 separate security solutions. It is hardly surprising that 52% of security professionals identify complexity as the biggest impediment to effective operations. For IT and security leaders in mid-market organizations, who know they have gaps in security coverage, this challenge can feel particularly difficult to solve. At Bitdefender , we see this challenge play out consistently across mid-market environments. Most organizations have the fundamentals in place, such as Endpoint Protection Platforms (EPP), email filtering, and patch management. However, many are not fully realizing the capabilities of these existing tools. This creates security gaps and, when combined with a lack of preventative exposure management controls, severely limits visibility across attack surfaces. Maximize Your ROI: Exploit Underused Tools Many mid-market organizations already have powerful Endpoint Detection and Response (EDR) in place as part...

AI-powered browsers are changing how we use the web, but they're also creating some serious new security risks. Tools like Perplexity's Comet and Opera's Neon can summarize pages and automate tasks for you. The problem is that researchers have found these agentic copilots can be hijacked by malicious prompts hidden in ordinary webpages, essentially turning your browser against you. In August 2025, Brave's security team disclosed an indirect prompt injection against Perplexity's Comet using hidden instructions in a Reddit spoiler tag, leading Comet to extract an email address and a one-time passcode. No memory corruption, no code execution exploit. The browser simply followed instructions it couldn't distinguish from legitimate user intent. In this post, we'll look at how these attacks work, why they slip past traditional defenses, and what security teams can do to keep data safe from compromised AI agents. AI Browsers: Powerful, But a New Target AI-ena...

OT incidents rarely start with “OT attacks.” They start with ordinary enterprise weaknesses: shared credentials, remote access shortcuts, management systems that bridge zones too easily, and monitoring that stops short of operations.  When those weaknesses line up, an initial IT compromise becomes an OT event, and the deciding factor is no longer whether the activity is detected, but whether the environment can be contained and recovered without extended outage. What matters is that these failure patterns repeat across industries, which means they can be anticipated and solved - but only if recovery is treated as a security control, not an afterthought. Recurring OT Security Patterns Across Industries Sygnia is a premier cyber technology and services company, with extensive experience helping organisations' IT/OT environments respond to cyber incidents and strengthen enterprise-wide cyber security..  Across numerous OT security assessments, adversary simulations, and inc...

Enterprise adoption of AI is no longer a future trend; it's a present-day reality. As organizations race to leverage AI for innovations, security teams are grappling with a new, complex, and dynamic attack surface. AI is breaking the operational silos that currently segregate Cloud, SaaS and Endpoint Security; AI is everywhere and it is consuming enterprise data and assets across these channels. Traditional security tools, designed for cloud infrastructure and SaaS applications, are fundamentally ill-equipped to handle the unique risks posed by AI.  AI security posture management (AI-SPM) solutions can provide relief by protecting critical AI assets, but it’s important to note that not all AI-SPM solutions are created equal. Many solutions offer only basic posture checks and are focused predominantly on infrastructure and vulnerability management. In addition, most focus solely on Cloud or SaaS, leaving many blind spots when trying to get the full picture of your AI landscape. ...

The transition to container-first infrastructure is complete, with microservices now powering production-critical workloads and driving digital innovation for most enterprises. While 100% of DevSecOps leaders view containerization as critical to their production strategy, this shift has been accompanied by a crisis in security frameworks. According to the ActiveState 2026 State of Vulnerability Management & Remediation Report , respondents’ organizations faced a staggering 82% container breach rate over the past year. Many companies have tried to mitigate risk by “shifting left", empowering developers to build security into their code from the start while still leveraging containers and open-source software from public registries. But in 2026, the reality of shifting left has often meant shifting a mountain of undifferentiated remediation work (i.e., fixing someone else’s code) onto already overextended engineering teams. How should Security Leaders think about container se...

CTM360 researchers have identified a large-scale fraud campaign involving thousands of fake banking websites that actively target users in the United States and the United Kingdom. Over the past year, more than 11,000 fraudulent bank domains were observed, with 8,000+ in the U.S. and 3,000+ in the UK, all operating without regulatory authorization or physical presence. These are not throwaway phishing pages. They are polished, SEO-optimized platforms that impersonate legitimate financial institutions, regulators, and lending services. Not Your Typical Phishing Fraud What sets this campaign apart is operational maturity. The fake banks offer services such as loans, mortgages, grants, and high-limit credit cards, often promising instant approval or no credit checks. Victims are funneled through simplified onboarding flows, fake KYC processes, and staged “approvals” designed to build trust before monetization. Once engaged, users are pressured to pay activation or processing fees ,...

Open-source intelligence (OSINT) was once a discipline primarily associated with criminal investigations and national intelligence work. Today, it has become a critical pillar in a wide range of corporate and operational processes from internal investigations and fraud detection to KYC, third-party validation, and due-diligence assessments. However, despite this shift in importance, OSINT is still frequently performed in an ad-hoc manner: how data is collected, how evidence is preserved, and operational security mechanisms often depend on individual habits rather than standardised practice. In many cases, investigations are even conducted directly from managed corporate devices, putting both the integrity of the intelligence operation and the wider enterprise network at unnecessary risk. This lack of standardisation introduces operational, security, and compliance risks that many organisations do not fully recognise until something goes wrong. Operational Risk Glazer is a sandboxed...

Why reporting, delivery, and validation have become just as critical as testing itself Pentesting has undergone a fundamental shift over the last 5 years. While the core objective of identifying exploitable weaknesses remains the same, the way results are managed, delivered, and validated has become just as important as the testing itself. Security leaders no longer view penetration tests as one-off engagements that end with a PDF. They expect timely, actionable results that feed into their broader vulnerability management and remediation programs. For pentest teams, this shift has exposed a growing gap between how testing is performed and how outcomes are operationalized. Why Traditional Pentest Delivery Is Breaking Down Historically, pentest results have been delivered as static reports, often disconnected from vulnerability scanners, ticketing systems, and remediation workflows. This creates a challenge as the data becomes siloed from other security data and is not aligned int...

A 2024 Gartner® survey of 162 large enterprises shows organizations running an average of 45 cybersecurity tools. It’s no surprise, then, that 52% of executives cite complexity as the biggest barrier to effective security operations. While mid-market organizations typically run fewer tools, smaller IT and security teams mean they often face equal—or greater—operational complexity. Why Security Platforms Emerged The industry’s answer to tool sprawl has been the security platform: a consolidated approach designed to reduce complexity by replacing multiple point products. In principle, platforms promise tighter integration, improved visibility across the attack surface, better alert correlation, and faster response. Research supports this direction. The 2025 IBM Institute for Business Value report notes that organizations with higher security platform maturity identify and contain incidents more quickly. Consolidation Doesn’t Always Equal a Platform Vendor consolidation is accelera...