News Feed — IT Tools Intelligence for UK Businesses

Qualys qualys 05 Jun 2026

Advancing Cybersecurity in the Age of Frontier AI: Qualys Steps into Project Glasswing

The cybersecurity industry has spent much of the last two years debating how attackers might use AI. That debate matters, but it misses a larger point: defenders now have an opportunity to change the economics of cyber risk. For me, the question is not whether AI will influence cybersecurity. It alr…

Qualys qualys 04 Jun 2026

From Operating Model to Product: How We Built the ROC for Detection-Speed Remediation

In the first article in this series, we made the case for a prevention-led operating model. This article is about what happened next: the decision to build something that did not exist, and what it took to make it real. Turning an operating model into a product sounds straightforward until you are s…

Qualys qualys 03 Jun 2026

Stop Patching at Human Speed: Peer-to-Peer (P2P) Distribution Closes the Remediation Gap Before Attackers Strike

Executive Summary Knowing what’s exploitable is only half the battle. P2P patch distribution turns your endpoints into a delivery network, cutting patch propagation by up to 92%, reducing WAN bandwidth by 99%+, and helping close critical vulnerabilities before attackers can move. Available now in Qu…

Qualys qualys 02 Jun 2026

The HazyBeacon Protocol – How Malware Weaponizes Amazon Web Services (AWS) Lambda Function URLs

Key Takeaways The Rise of Cloud-Native Command and Control (C2) Command and control (C2) infrastructure traditionally lived outside the victim environment. Malware beaconed to attacker-operated servers hosted on rented VPS infrastructure or compromised websites, and defenders focused on identifying …

Qualys qualys 28 May 2026

Extending EOL/EOS Software Intelligence Across Containers, Kubernetes, and Modern Workloads

Key Takeaways Software inventory used to stop at the server. Modern application delivery erased that boundary. In cloud-native environments, software now moves continuously through container images, registries, CI/CD pipelines, and Kubernetes clusters, often reaching production faster than tradition…

Qualys qualys 20 May 2026

CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path

The Qualys Threat Research Unit (TRU) has discovered and published the full advisory for CVE-2026-46333, a logic flaw in the Linux kernel’s __ptrace_may_access() function that permits an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default insta…

Qualys qualys 19 May 2026

Inside the 2026 Verizon DBIR: What One Billion Records Revealed About Vulnerability Remediation

The Verizon 2026 Data Breach Investigations Report has been published. Qualys is proud to have served as a research partner and contributor, contributing analysis of more than one billion anonymized vulnerability remediation records across four consecutive DBIR reporting cycles of CISA Known Exploit…

Qualys qualys 14 May 2026

Achieve FedRAMP High M365 Security: Governing with Qualys SSPM and SCuBA

Qualys SaaS Security Posture Management (SSPM) introduces native support for the Secure Cloud Business Applications (SCuBA) compliance framework, bringing CISA’s toughest M365 security benchmarks directly into your continuous posture monitoring workflow. Key Takeaways What Is SCuBA and Why Doe…