Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We’re making a fundamental change to how teams use SAST. SAST in the IDE is now free. This means developers can run SAST scans directly inside their editor, with real-time feedback and project-wide visibility, using the same analysis engine and SAST rules as Aikido. Detection runs automatically as developers work, without limiting coverage at the detection layer.

If you missed the live walkthrough of Aikido AI Pentesting, here is the short version of what happened. We set up a real application, configured the assessment, and watched the agents test live flows, explore the app, and surface confirmed findings with full traces.

Ransomware attacks have grown stronger in the last few years. Attackers are now stealing data before locking it. They also pressure victims by posting stolen files on the internet. There are groups that sell ransomware kits, making these attacks easy to run. This has made things worse for businesses all around the world. Teams are looking for ransomware remediation tactics that help them recover fast and reduce the chance of the attacker returning.

The 2025 Cloudflare Radar Year in Review is here: our sixth annual review of the Internet trends and patterns we observed throughout the year, based on Cloudflare’s expansive network view.

In November 2024, Microsoft announced that multi-factor authentication (MFA) would become mandatory for all administrator accounts across Microsoft 365 (formerly Office 365), Azure, and Intune. Starting in 2025, admins without MFA enabled will no longer be able to access Microsoft’s admin portals. This rollout is happening in phases at the tenant level, and administrators who haven’t yet configured MFA will need to update their settings to stay compliant.

React2Shell is the name commonly used to describe a set of critical vulnerabilities affecting React Server Components (RSC) and frameworks that rely on them, including Next.js. Since disclosure, security teams have observed continued exploitation attempts targeting exposed applications, with attackers abusing the vulnerability to gain unauthorized code execution on affected servers.

Artificial intelligence is transforming how organizations operate, innovate, and compete. From employees using GenAI tools to boost productivity to engineering teams building sophisticated AI agents and applications, AI has become central to modern business operations. AI now operates across every part of the enterprise, spanning endpoints, applications, identities, cloud services, data, and SaaS platforms.

In 2015, only about 40% of websites used HTTPS. Today HTTPS is used over 95% of the time. The ACME protocol made that shift possible. The Automatic Certificate Management Environment (ACME) protocol enables software to automatically prove domain control to a certificate authority without any human involvement. No more generating CSRs by hand. No more copy-pasting into web forms. No more waiting for validation emails. ACME largely solved certificate issuance.

Managing applications on Red Hat OpenShift gets complicated quickly. Updates break things, scaling requires constant attention, and recovery from failures eats up valuable time. OpenShift Operators eliminate these headaches by automating tasks that normally demand manual work from your team. These Kubernetes-native tools package, deploy, and manage services across your cluster.

Millions of homes, businesses, and hospitals depend on solar power, a clean and cost-effective source of renewable energy. Adoption has accelerated worldwide thanks to major government initiatives such as the Inflation Reduction Act (IRA) in the U.S., the Renewable Energy Directive (RED II) in the EU, the Smart Export Guarantee in the UK, and Australia’s Small-scale Renewable Energy Scheme (SRES). As clean energy infrastructure expands, a new vulnerability is emerging.