#zero-trust
9 stories taggedzero-trust.

A Hidden Command in a GitHub Issue Can Silently Steal a Company's Private Code
Researchers found a flaw in GitHub's AI automation tool that lets an outsider read an organisation's private repositories by hiding plain-English instructions inside a public bug report.

Cisco Spends Around $400 Million to Plug a Growing Security Blind Spot: AI Agents
Two rapid-fire acquisitions — Astrix Security and WideField Security — are Cisco's answer to a question most companies haven't thought to ask: who's watching the bots?

CISA's New Playbook Nudges Agencies Toward Zero Trust — and Everyone Else Can Read Along
The agency's updated TIC 3.0 guidance folds Secure Access Service Edge into federal network modernisation, and the advice travels well beyond government.

Zero Trust in OT: A Pragmatic 90-Day Action Plan
Aligning zero trust architecture with operational technology environments through a strategic, actionable 90-day plan.

Zero Trust as the AI Control Plane: What Zscaler's Vienna Pitch Means for APAC CISOs
AI agents are joining the workforce whether security teams are ready or not. At Zenith Live 2026, Zscaler made its case for why zero trust should govern them the same way it governs humans.

Zero Trust Turns 15 and Still Can't Get Out of Its Own Way
The 'never trust, always verify' model isn't failing because the idea is wrong. It's failing because organizations keep treating a security philosophy like a SKU.

OpenAI's Lockdown Mode Admits the Problem It Can't Quite Fix
The new containment feature reduces AI-enabled data exfiltration — it doesn't stop it. Experts are divided on whether enterprises should even trust a vendor to police itself.

The Perimeter Is Gone. Attackers Already Knew That.
Modern intrusions rarely crack the wall. They walk through the front door, wearing your credentials.

Twenty Years of Cyber Lessons and We're Still Losing on the Basics
The industry spent two decades reinventing its philosophy — perimeter defense to assume-breach — yet the attacks that still hit hardest exploit the same unpatched, misconfigured, un-MFA'd mistakes we should have buried years ago.