Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Phishing is the most common type of cyberattack, occurring when an attacker impersonates a trustworthy entity with the intention of carrying out fraudulent activity. Phishing is done with the motive of stealing sensitive information such as passwords, credit card numbers, and other personal data. Phishing was already quite threatening, but with the inception of Artificial Intelligence (AI), it became even more dangerous.

Organizations today depend heavily on connected systems, cloud applications, remote users, and third-party services for their online security. In most cases, attacks do not start with an apparent alert on an endpoint. They often originate in the network in the form of a strange connection or an unusual traffic route. These signs are subtle and easy to overlook until the attacker has infiltrated further. Most IT teams try to keep an eye on this activity, but monitoring a network 24/7 is not feasible.

For many organizations, managed detection and response has become an essential service. With threats getting more deceptive and spreading at a faster rate, most IT/security teams are unable to investigate every suspicious event due to a lack of time or resources. This is why many organizations explore MDR, but they often don’t know how much managed detection and response would cost.

Brazil has formalized a comprehensive framework for virtual asset service providers (VASP). This is the moment when the rules become operational, enforceable, and aligned with the scale of activity taking place in the country. For institutions already active in Brazil and those evaluating market entry, this is a shift that raises expectations and lowers uncertainty at the same time.

Security leaders spent most of the past year testing AI driven security automation. Many discovered that the promise of fully autonomous SOC operations collided with the reality of hallucinations, opaque recommendations, and inconsistent outcomes. McKinsey research now shows that more than 80 percent of organizations have not realized meaningful results from gen AI programs.

A newly disclosed vulnerability, CVE-2025-61757, exposes Oracle Identity Manager (OIM) to unauthenticated remote code execution (RCE). The flaw affects OIM versions 12.2.1.4.0 and 14.1.2.1.0 and carries a CVSS 9.8 Critical rating. CISA has added it to the Known Exploited Vulnerabilities (KEV) catalog — meaning active exploitation is confirmed.

Innovation has always been the engine of American advancement. With the launch of the Genesis Mission, the White House is signaling a new era of AI-accelerated scientific discovery. This executive order directs the Department of Energy to build an integrated, national-scale AI platform designed to unlock scientific breakthroughs across biotechnology, energy, materials, quantum systems, and beyond.

Once again, the npm supply chain has been compromised, putting developers relying on these vital open source components at risk. On November 24th, a sophisticated attack that borrows techniques from the Shai-Hulud malware used in the npm hijacking this past September was discovered. This is not an isolated incident. It’s a continuation of an existing campaign that is now abusing CI/CD pipelines, and GitHub automation to spread faster and steal more secrets than before.

Between 1:48pm ET on October 29 and 6:53pm ET on October 30, 2025, KnowBe4 threat analysts observed a high volume of phishing emails detected by KnowBe4 Defend that were sent from the legitimate domain of one of the world’s largest sportswear brands.

In recent weeks, the UK government has announced the introduction of its new Cyber Security and Resilience Bill. The bill aims to strengthen cyber defences for organisations that fall within the scope of critical national infrastructure (CNI), including the NHS, energy, water and transport sectors, ultimately making these industries more resilient to increasing cyber threats.