Blog

NGINX “Rift” Chain: Remote Code Execution (RCE) Discovered Leveraging 18-Year-Old Vulnerabilities

Overview On May 13, 2026, researchers disclosed “NGINX Rift,” a critical vulnerability chain discovered by DepthFirst AI. The chain consists…

Blog

From Hunting Context to Hunting Threats: Using Exposure Intelligence to Accelerate SOC Investigations

Overview In many organizations, SOC teams spend more time digging for context than actually hunting for or responding to threats.…

Blog

Contextualizing SOC Alerts with Exposure Intelligence

Overview Security Operations Centers (SOCs) are on the front lines of a lopsided battle. They are navigating an overwhelming volume…

Blog

Linux Kernel “Dirty Frag” Local Privilege Escalation (LPE), CVE-2026-43284 & CVE-2026-43500

Overview On May 8, 2026, cybersecurity researchers disclosed a critical vulnerability chain in the Linux kernel, nicknamed “Dirty Frag.” Tracked…

Blog

Linux Kernel “Copy Fail” Local Privilege Escalation (LPE), CVE-2026-31431, Under Active Exploitation

Overview On April 29, 2026, cybersecurity researchers disclosed a high-severity logic vulnerability in the Linux kernel, tracked as CVE-2026-31431 and…

Blog

Preparing for the Mythos Era – From Vulnerability Hunting to Exposure Management

In a recent blog, we explored what Anthropic’s Project Glasswing means for security programs and why the exposures it doesn’t…

Blog

XM Cyber Unveils PostureAI to Democratize AI-Powered SaaS Security for Google Workspace

When it comes to exposure management, most people tend to think about an evolution of legacy vulnerability management at the…

Blog

Stop the SOC Burnout: Fixing the Alert Fatigue Crisis

Alert fatigue is one of the most persistent and costly problems in security operations – and it’s getting worse. According…

Blog

Project Glasswing, Mythos Findings, and Getting Ready for Your Next Board Conversation

Blog

Adopt AI, Not Exposures: Unlocking Continuous Exposure Management to Secure the AI Attack Surface

Blog

Vulnerability Scanners Cannot Power Your CTEM Program

Most CISOs I’ve worked with understand intuitively that vulnerability scanners – like any tool in the security stack – have…

Blog

Seeing Through the Eyes of An Attacker: Validating Exposures from External Breach Points to Internal Critical Assets

To catch a criminal, you need to think like a criminal. This is not a new concept, and it’s one…

Blog

See XM Cyber In Action

See what attackers see, so you can stop them from doing what attackers do.

Platform

Company

Partners

Services

Resources

Privacy Policy