All AI and Security Teams Need Transparent Data Pipelines

Transparent AI data pipelines help organizations verify sources, reduce errors, meet regulations, and build trust by making outputs auditable and reliable...

AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds

A majority of security leaders are struggling to defend AI systems with tools and skills that are not fit for the challenge, according to the AI and Adversarial Testing Benchmark Report 2026 from Pentera. The report, based on a survey of 300 US CISOs and senior security leaders, examines how...

How To Build Ransomware-Resilient AI Data Pipelines: A Practical Guide for Modern Enterprises

Modern enterprises depend on AI data pipelines for analytics and automated decision-making. As these pipelines become more integrated…...

The Dark Side of Digital Twins: Adversarial Attacks on AI-Driven Water Forecasting

Digital twins DTs are improving water distribution systems by using real-time data, analytics, and prediction models to optimize operations. This paper presents a DT platform designed for a Spanish water supply network, utilizing Long Short-Term Memory LSTM networks to predict water consumption...

Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code

A maximum severity security vulnerability has been disclosed in Apache Parquet's Java Library that, if successfully exploited, could allow a remote attacker to execute arbitrary code on susceptible instances. Apache Parquet is a free and open-source columnar data file format that's designed for...

Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack due to the Apache Kafka (CVE-2024-27309).

Summary IBM Event Streams is vulnerable to a denial of service attack due to the Apache Kafka. It is primarily used to build real-time streaming data pipelines and applications that adapt to the data streams. It combines messaging, storage, and stream processing to allow storage and analysis of...

PT-2023-25581 · Alldata · Alldata

Name of the Vulnerable Software and Affected Versions: data.all versions 1.2.0 through 1.5.1 Description: The issue concerns remote code execution when a user injects Python commands into the Template field while configuring a data pipeline. This can only be triggered by authenticated users...

acceldata-o2a (=1.0.0), acryl-datahub-airflow-plugin (>=0.9.5.1rc1 <=1.3.1.post1) +220 more potentially affected by CVE-2021-45229 via apache-airflow (>=1.10.1 <=2.2.3)

apache-airflow PYPI version =1.10.1, =0.9.5.1rc1, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =1.0.7, =0.4.0, =0.1.0a1, =0.5.1, =0.1.1, =0.1.1, =0.10.2, =0.11.0 and more Source cves: CVE-2021-45229 Source advisory: OSV:PYSEC-2022-29...

Automated remediation level 3: Governance and hygiene

Mold it, make it, just don’t fake it At a quick glance, it seems like the title of this blog is “government hygiene.” Most likely, that wouldn’t be a particularly exciting read, but we’re hoping you might be engaged enough to gain a few takeaways from this fourth piece in our series on automating...

Adama - Searches For Threat Hunting And Security Analytics

Adama Searches ForThreat Hunting and Security Analytics A collection of known log and / or event data searches for threat hunting and detection. They enumerate sets of searches used across many different data pipelines. Implementation details are for ELK. Adama is part of the SpaceCake project...