Blog

Linux Kernel “Copy Fail” Local Privilege Escalation (LPE), CVE-2026-31431, Under Active Exploitation

Overview On April 29, 2026, cybersecurity researchers disclosed a high-severity logic vulnerability in the Linux kernel, tracked as CVE-2026-31431 and…

Blog

Preparing for the Mythos Era – From Vulnerability Hunting to Exposure Management

In a recent blog, we explored what Anthropic’s Project Glasswing means for security programs and why the exposures it…

Blog

XM Cyber Unveils PostureAI to Democratize AI-Powered SaaS Security for Google Workspace

When it comes to exposure management, most people tend to think about an evolution of legacy vulnerability management at the…

Blog

Stop the SOC Burnout: Fixing the Alert Fatigue Crisis

Alert fatigue is one of the most persistent and costly problems in security operations – and it’s getting worse. According…

Blog

Seeing Through the Eyes of An Attacker: Validating Exposures from External Breach Points to Internal Critical Assets

To catch a criminal, you need to think like a criminal. This is not a new concept, and it’s one…

Blog

Beyond the Patch – Why Frost & Sullivan Named Us Leader for the 2nd Time in a Row in ASV

It’s well known that security teams are often drowning in alerts. And considering that 74% of identified exposures are actually…

Blog

Microsoft Office
Zero-Day Vulnerability, CVE-2026-21509, Under Active Exploitation

Overview On January 26, 2026, Microsoft issued emergency out-of-band security patches for a high-severity security feature bypass vulnerability in Microsoft…

Blog

The Practical Path to Fixing What Matters: XM Cyber’s 2025 Milestones and What They Mean for You

The cybersecurity industry has been driven by volume for years. More alerts, more scanners, and more “critical” vulnerabilities to patch.…

Blog

Four Real-Life Financial Service Attacks Paths and How we Blocked Them

Back in the wild west, there was this guy, Willie Sutton. Willie’s chosen profession wasn’t the town dentist-barber or saloon…

Blog

Double Agent: Service Agent Privilege Escalation in Google Vertex AI

While analyzing Google’s Vertex AI, we discovered two distinct attack vectors, specifically in Ray on Vertex AI and the Vertex…

Blog

Exposure Management in Finance: A Proactive Approach to Cyber Resilience

The financial sector is perhaps the most cyber-targeted industry on the planet. It’s no secret why: financial institutions manage the…

Blog

Patching Can’t Save You: How Agentic AI Broke Vulnerability Management

There probably isn’t anything to be said about AI that hasn’t been said. One thing is certain, though: if the…

Blog

See XM Cyber In Action

See what attackers see, so you can stop them from doing what attackers do.

Platform

Company

Partners

Services

Resources

Privacy Policy