Blog de Tenable
Crushing the Axios supply chain threat with Tenable Hexa AI: Use cases for agentic AI
What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure
An Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical infrastructure sectors.
CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild
Exploitation has been observed for CVE-2026-35616, a critical improper access control zero-day vulnerability affecting Fortinet FortiClientEMS devices.
The developer credential economy: Why exposure data is the new front line in the supply chain war
Recent supply chain attacks have highlighted an urgent need for organizations to shift from a reactive security posture to a preemptive exposure management strategy. Learn why endpoint detection and response tools don’t have you covered when highly privileged developer credentials get exposed.
Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access trojan to potentially millions of developer environments during a three-hour window on March 31.
Supply chain attack on Axios npm package: Scope, impact, and remediations
The Axios npm package has been compromised in a supply chain attack that uploaded new versions of the package containing malicious code. Any environment that downloaded these compromised Axios versions is at risk of severe data theft. Scan your environment now.
What’s new in Tenable Cloud Security: Custom policies, AWS ABAC, and research-driven protection
Stop the noise and scale your cloud security. Our latest updates introduce custom policy automation via Explorer, AWS ABAC support for true least privilege, and research-backed protection against critical vulnerabilities, all designed to slash MTTR without disrupting your DevOps workflows.
Uncover prompt injection, insider threats with the Tenable One Model Refusal Detection
Tenable One's new Model Refusal Detection turns an LLM's refusal to execute a risky or suspicious prompt into a high-fidelity early warning signal. It helps you uncover and stop prompt injection attacks, insider threats, and other risky behaviors before they escalate into a breach.
Security for AI: A guide to managing the risks of vibe coding and AI in software development
Get a template for an AI coding acceptable use policy with security controls and a list of 25 security questions to ask software developers and “citizen developers” about their AI use. Mitigate the security risks of vibe coding and using AI in software development with Tenable One.
Conozca a Tenable Hexa AI: IA agéntica para la gestión de exposición
Conozca a Tenable Hexa AI: el motor agéntico de la plataforma de gestión de exposición Tenable One. Sepa cómo Tenable Hexa AI automatiza flujos de trabajo de seguridad complejos y transforma la inteligencia de exposición en acciones coordinadas, para ayudar a su equipo de seguridad a reducir significativamente el riesgo cibernético.
