Tenable blog
LeakyLooker: Hacking Google Cloud’s Data via Dangerous Looker Studio Vulnerabilities
President Trump's Cyber Strategy for America: What It Means for the U.S. and Why It Matters Globally
President Trump's Cyber Strategy for America signals a shift toward risk-based security and cooperation across emerging technologies. While centered on U.S. interests, the strategy provides a blueprint to collectively strengthen global cyber resilience.
Tenable Named a Challenger in the 2026 Gartner® Magic Quadrant™ for CPS Protection Platforms
Security is no longer a siloed effort. Find out how Tenable integrates mature industrial security capabilities into an enterprise-ready approach for unified exposure management.
Strengthening California’s Cyber Defenses: Apply Now for FFY 2024 SLCGP Grants
Cal OES offers up to $250,000 to help California’s state, local, and tribal agencies strengthen their digital infrastructure against evolving cyber threats. Organizations must submit their applications by March 13, 2026.
Operation Epic Fury: Potential Iranian Cyber Counteroffensive Operations
Following the joint military operation known as Operation Epic Fury, the Tenable Research Special Operations (RSO) team is providing an update regarding potential cyber counteroffensive operations conducted by Iran-linked threat actors.
CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the Wild
Exploitation of a maximum severity authentication bypass zero-day vulnerability affecting Cisco Catalyst SD-WAN Controller and Manager has been reported. Immediate patching is recommended to thwart ongoing attacks.
New Malicious npm Package "ambar-src" Targets Developers with Open Source Malware
Tenable Research investigated a malicious npm package with around 50,000 downloads in the public registry. We observed various detection-evasion techniques and saw it deploy multiple powerful open-source malware variants.
Dynamic Objects in Active Directory: The Stealthy Threat
Active Directory’s "dynamic objects" feature offers attackers a perfect evasion cloak. These objects automatically self-destruct without a trace, so they allow adversaries to bypass quotas, pollute access lists, and persist in the cloud, leaving forensic investigators with nothing to analyze.
The Cloud and AI Velocity Trap: Why Governance Is Falling Behind Innovation
AI adoption is outpacing traditional cyber governance. The “Tenable Cloud and AI Security Risk Report 2026” reveals how overprivileged identities and unmonitored supply chain dependencies leave orgs exposed. We offer 10 tactics to shut down your most critical attack paths.
Gartner® Names Tenable as the Current Company to Beat for AI-Powered Exposure Assessment in a 2025 Report
“Tenable’s asset and attack surface coverage, its application of AI and its reputation for vulnerability assessment makes it the front-runner in AI-powered exposure assessment,” Gartner writes in “AI Vendor Race: Tenable Is the Company to Beat for AI-Powered Exposure Assessment.”