Key Takeaways Malware infections remain the leading attack type from 2025 to 2026, affecting 48% of organizations that experienced an incident. Remote access exploitation increased to 38% in 2026, up from 28% in 2025, making it one of the fastest-growing threat...
Key Takeaways An SBOM is required, but not enough. FDA 524B requires proof of active software risk control, including vulnerability analysis, remediation decisions, and postmarket monitoring. Exploitability analysis is the differentiator. The FDA doesn’t expect...
Key Takeaways Cyberattacks on medical devices are rising despite stronger procurement requirements. 80% of affected organizations reported moderate or significant impact on patient care. Legacy devices are the gap that procurement cannot close. More than a quarter of...
Key Takeaways: The FDA is asking medical device manufacturers to submit VEX (Vulnerability Exploitability eXchange) files alongside SBOMs in some premarket cybersecurity submissions. VEX artifacts document whether known vulnerabilities in SBOM-listed components are...
Anyone working in software development in the Department of War over the past five years has seen the requirements landscape shift significantly. From the introduction of SBOM mandates to the Software Fast Track (SWFT) initiative launched in May 2025, the DoD is...
Key Takeaways: Legacy medical devices running old code create growing cybersecurity and patient safety risks Ransomware attacks on hospitals show how downtime directly impacts clinical care Security transparency and SBOMs are now key to winning healthcare procurement...
