IBM has disclosed three critical flaws in WebSphere Application Server 8.5 and 9.0, including identity spoofing and two remote code execution paths that let unauthenticated attackers impersonate users or run code.
Read more about Emerging Threats: (CVE-2026-8644, CVE-2026-9311, CVE-2026-9319) IBM WebSphere Application Server Identity Spoofing and RCECyCognito Blog
Your source for exposure management research, product news, and security insights.
Search the Blog
An authentication bypass flaw in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS lets a remote attacker forge override cookies and establish an unauthorized VPN connection.
Read more about Emerging Threat: (CVE-2026-0257) PAN-OS GlobalProtect Authentication Bypass via Forged Override Cookies
Star Wars as a security case study: the Empire’s real failure wasn’t missing the exhaust port, it was never testing whether it mattered.
Read more about The Force Awakens Your Attack SurfaceThe instinctive reaction to Mythos is: we need to patch faster. That instinct is understandable. It is also exactly the wrong frame. The real question isn’t how many CVEs are in your queue. It’s how many of your exposed assets can actually be exploited right now, by anyone with an API key and an afternoon.
Read more about Mythos, MOAK, CTEM and the End of CVE Chasing
The latest GigaOm Radar for Attack Surface Management highlights the shift from inventory to contextual prioritization and actionable validation across 32 vendors. CyCognito was named a Leader for the third year in a row and, for the first time, an Outperformer.
Read more about CyCognito Named a Leader and Outperformer in the 2026 GigaOm Radar for ASM
Modern security frameworks often fail by surfacing endless vulnerabilities without context. This blog explores how the CTEM framework’s Validation stage provides “permission to ignore” theoretical risks, allowing teams to focus engineering resources exclusively on confirmed, evidence-based, and exploitable threats.
Read more about Permission to Ignore: Leveraging the CTEM Framework to Focus on Real RiskContinuous Threat Exposure Management (CTEM) shifts security metrics from measuring activity to prioritizing impact. This refocuses reporting on urgent, validated issues and continuous testing coverage. By tracking remediation hours and material exposure reduction, organizations can effectively manage risk without creating unnecessary noise or alert fatigue.
Read more about From Activity to Impact: How CTEM Refocuses Security KPIsThe latest CyCognito updates focus on improving posture visibility, expanding user learning in-app, and streamlining asset and issue review.
Read more about What’s New in CyCognito: February 2026 Platform EnhancementsCTEM reframed security around what attackers can actually reach and exploit. But Gartner didn’t provide an execution playbook. This blog breaks down what each stage demands in practice – and the anti-patterns that derail most programs.
Read more about Taking the Guesswork Out of CTEMSolarWinds disclosed multiple critical vulnerabilities in its Web Help Desk platform that may allow unauthenticated attackers to bypass security controls or execute code remotely. Organizations running exposed instances should patch immediately and assess external exposure to reduce risk.
Read more about SolarWinds Web Help Desk Vulnerabilities Update