Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On October 20, 2025, Amazon Web Services (AWS) experienced an outage affecting its US-East-1 region. The event caused temporary service degradation across a wide range of global applications and digital services, including business collaboration tools, financial platforms, airline operations, and consumer-facing websites used by millions of people worldwide, as reported in the news. We extend our appreciation to our partners at AWS for their swift and professional handling of the incident.

In a world where billions of devices now shape our connected reality, IoT security has evolved from an IT problem to a board-level priority. As the iot ecosystem grows—an interconnected network of devices, systems, and infrastructures—comprehensive iot security solutions have become essential to protect, manage, and scale these environments. Yet despite the growing awareness, one challenge remains stubbornly persistent — the management and protection of unmanaged devices.

Every business today faces a rapidly evolving regulatory landscape, increased public scrutiny, and a wealth of risks arising from technology, global operations, and market shifts. In the midst of these challenges, organizations have discovered that governance, risk management, and compliance (GRC) are no longer just boxes to tick; they can actually become competitive advantages.

Earlier this year, we showcased how the Foundation-Sec-8B model’s chat capabilities can be leveraged within the Splunk App for Data Science and Deep Learning (DSDL) to summarize security events and provide detection suggestions. Building on its robust security expertise, Foundation-Sec-8B also supports zero-shot classification for a wide range of security tasks.

Cybercrime is growing at a rapid pace. Although there are security products available to counter different cyber threats, managing too many security products can be a daunting task. It’s neither easy nor cost-effective to manage numerous separate security products. Organizations are looking for ways to consolidate multiple security functions into a single network security appliance because it is easier to manage and is more cost-effective.

The era of agentic commerce is coming, and it brings with it significant new challenges for security. That’s why Cloudflare is partnering with Visa and Mastercard to help secure automated commerce as AI agents search, compare, and purchase on behalf of consumers. Through our collaboration, Visa developed the Trusted Agent Protocol and Mastercard developed Agent Pay to help merchants distinguish legitimate, approved agents from malicious bots.

For organizations in air-gapped environments with no external network connection, implementing the latest search and AI technology can be challenging, often to the point of impossibility. However, Elastic’s customers in highly sensitive industries, such as national security and defense, have relied on Elastic’s agile technology for over a decade, trusting it for mission-critical use cases in air-gapped environments or even on tech kits.

In early September 2025, attackers used a phishing email to compromise one or more trusted maintainer accounts on npm. They used this to publish malicious releases of 18 widely used npm packages (for example chalk, debug, ansi-styles) that account for more than 2 billion downloads per week. Websites and applications that used these compromised packages were vulnerable to hackers stealing crypto assets (“crypto stealing” or “wallet draining”) from end users.