%term

81% of Small Businesses Sustained a Cyber Incident Over the Past Year

Dec 19, 2025 By KnowBe4 Team In KnowBe4

Eighty-one percent of small businesses suffered a security or data breach over the past year, and 38% of these businesses were forced to raise their prices as a result, a report from the Identity Theft Resource Center (ITRC) has found. The report notes that external hackers have overtaken malicious insiders as the most common root cause of these incidents. This trend is partially driven by AI-assisted social engineering attacks, which were cited as a root cause by more than 41% of victims.

Read Post

KnowBe4

Read more about 81% of Small Businesses Sustained a Cyber Incident Over the Past Year

How PPC Campaign Vulnerabilities Can Lead to Ransomware Attacks

Dec 18, 2025 By SecuritySenses In SecuritySenses

In the US, search ad spend was expected to reach $124.59 billion in 2024. Those big pay-per-click (PPC) advertising budgets are attracting the attention of cybercriminals. Click fraud is a well-known hazard in marketing circles. However, a more insidious threat lurks in the background.

Read Post

SecuritySenses

Read more about How PPC Campaign Vulnerabilities Can Lead to Ransomware Attacks

The Future Of Cybersecurity: How AI And Machine Learning Are Transforming Penetration Testing

Dec 17, 2025 By SecuritySenses In SecuritySenses

In today's rapidly evolving digital landscape, the protection of sensitive information and critical infrastructure has become more paramount than ever. Traditional cybersecurity measures are increasingly being augmented with advanced technologies like Artificial Intelligence (AI) and Machine Learning (ML). These innovations are now transforming the realm of penetration testing, offering enhanced capabilities for identifying and mitigating vulnerabilities.

Read Post

SecuritySenses

Read more about The Future Of Cybersecurity: How AI And Machine Learning Are Transforming Penetration Testing

Link11 Identifies Five Cybersecurity Trends Set to Shape European Defense Strategies in 2026

Dec 16, 2025 By Link11

Link11 releases new insights outlining five key cybersecurity developments expected to influence how organizations across Europe prepare for and respond to threats in 2026. The findings are based on analysis of current threat activity, industry research, and insights from the Link11 European Cyber Report, alongside broader market indicators such as PwC's Global Digital Trust Insights 2026.

Read Post

Read more about Link11 Identifies Five Cybersecurity Trends Set to Shape European Defense Strategies in 2026

EP 21 - When attackers log in: Pausing for perspective in the age of instant answers

Dec 16, 2025 By CyberArk In CyberArk

In this episode of Security Matters, host David Puner welcomes back David Higgins, senior director in CyberArk’s Field Technology Office, for a timely conversation about the evolving cyber threat landscape. Higgins explains why today’s attackers aren’t breaking in—they’re logging in—using stolen credentials, AI-powered social engineering, and deepfakes to bypass traditional defenses and exploit trust.

Read Post

CyberArk

Read more about EP 21 - When attackers log in: Pausing for perspective in the age of instant answers

New Attack Technique "ConsentFix" Hijacks OAuth Consent Grants

Dec 16, 2025 By Andres Ramos In Arctic Wolf

On December 11, 2025, Push Security published research detailing a newly observed browser-based phishing technique called ConsentFix. The name ConsentFix is derived from its similarity to the previously documented ClickFix technique using fake CAPTCHA pages. ConsentFix, enables threat actors to gain cloud account access without capturing passwords, multifactor authentication (MFA) codes, or other credentials by abusing legitimate OAuth authentication and consent flows.

Read Post

Arctic Wolf

Read more about New Attack Technique "ConsentFix" Hijacks OAuth Consent Grants

Are LLMs becoming messengers for attackers? #ai #cybersecurity

Dec 16, 2025 By LimaCharlie In LimaCharlie

AI assistants with broad enterprise access are creating a new attack vector. Chris Luft and Matt Bromiley discuss the Gemini Jack vulnerability, where attackers used prompt injection to turn Google's AI assistant into an unwitting accomplice in data exfiltration. The attack embedded hidden instructions in documents or emails. When employees asked Gemini normal questions like "show me our budgets," the AI retrieved the poisoned document and executed the attacker's commands without anyone clicking anything.

View Video

LimaCharlie

Read more about Are LLMs becoming messengers for attackers? #ai #cybersecurity

EP 21 - When attackers log in: Pausing for perspective in the age of instant answers

Dec 16, 2025 By CyberArk In CyberArk

In this episode of Security Matters, host David Puner welcomes back David Higgins, senior director in CyberArk’s Field Technology Office, for a timely conversation about the evolving cyber threat landscape. Higgins explains why today’s attackers aren’t breaking in—they’re logging in—using stolen credentials, AI-powered social engineering, and deepfakes to bypass traditional defenses and exploit trust.

View Video

CyberArk

Read more about EP 21 - When attackers log in: Pausing for perspective in the age of instant answers

Cloudflare publishes top internet trends for 2025

Dec 15, 2025 By Cloudflare In Cloudflare

Intensifying bot wars, a sharp rise in attacks on civil society organisations, and rapid progress in post-quantum encryption mark a pivotal year online.

Read Post

Cloudflare

Read more about Cloudflare publishes top internet trends for 2025

The 2025 Cloudflare Radar Year in Review: The rise of AI, post-quantum, and record-breaking DDoS attacks

Dec 15, 2025 By David Belson In Cloudflare

The 2025 Cloudflare Radar Year in Review is here: our sixth annual review of the Internet trends and patterns we observed throughout the year, based on Cloudflare’s expansive network view.

Read Post