Blog

Trust No One: Automating macOS Privilege Escalation at Scale

XM Cyber Researcher Hillel Pinto uncovered CVE-2025-34352, a critical vulnerability in the JumpCloud Remote Assist for Windows agent (versions prior…

Blog

The VM Category Shift: XM Cyber Wins SC Awards Europe 2026 Best Vulnerability Management Solution

The vulnerability management category has shifted. For three consecutive years, Qualys won SC Awards Europe Best Vulnerability Management Solution. This…

Blog

Identity Is the Highway. Here’s How Attackers Use It.

In the modern enterprise, the perimeter hasn’t just shifted, it has dissolved. As organizations accelerate their digital transformation, traditional boundaries…

Blog

XM Cyber Tops Ranking of Most Promising Israeli Cybersecurity Startups for 2019

The Cyber Research Databank (CyberDB), a web-based research platform that provides premium data, news, research and analysis on vendors and…

Blog

What can cybersecurity learn from World cup defense-offense trials, tactics & tribulations?

In the coming Fifa world cup 2018 events, we’ll be seeing rival team drama at its best. Despite the extraordinary…

Blog

Initial Reactions and Key Takeaways from the 2026 Gartner Security and Risk Summit

Last week, the XM Cyber team had the pleasure of attending the annual Gartner Security and Risk Summit at the…

Blog

The Identity Conundrum: Enforcing Least Privilege Access At Scale

Overview In the modern cybersecurity landscape identity isn’t a perimeter, it’s a highway. As organizations scale, that highway gets longer,…

Blog

Your CVE Count Is a Meaningless Metric

Overview I’ve sat in a lot of vulnerability reviews where the team felt good about the numbers. Closed tickets for…

Blog

NGINX Rift Chain (CVE-2026-42945): Remote Code Execution (RCE) Discovered Leveraging 18-Year-Old Vulnerabilities

Overview On May 13, 2026, researchers disclosed “NGINX Rift,” a critical vulnerability chain discovered by DepthFirst AI. The chain consists…

Blog

Contextualizing SOC Alerts with Exposure Intelligence

Overview Security Operations Centers (SOCs) are on the front lines of a lopsided battle. They are navigating an overwhelming volume…

Blog

From Hunting Context to Hunting Threats: Using Exposure Intelligence to Accelerate SOC Investigations

Overview In many organizations, SOC teams spend more time digging for context than actually hunting for or responding to threats.…

Blog

Linux Kernel “Dirty Frag” Local Privilege Escalation (LPE), CVE-2026-43284 & CVE-2026-43500

Overview On May 8, 2026, cybersecurity researchers disclosed a critical vulnerability chain in the Linux kernel, nicknamed “Dirty Frag.” Tracked…

Blog

See XM Cyber In Action

See what attackers see, so you can stop them from doing what attackers do.

Platform

Company

Partners

Services

Resources

Privacy Policy