Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Threat actors are abusing X’s generative AI bot Grok to spread phishing links, according to researchers at ESET. The attackers achieve this by tricking Grok into thinking it’s answering a question, and providing a link in its answer. “In this attack campaign, threat actors circumvent X’s ban on links in promoted posts (designed to fight malvertising) by running video card posts featuring clickbait videos,” ESET says.

Astaroth trojan uses GitHub to host malware configurations, TA585 delivers MonsterV2 malware in phishing campaigns, and threat actors exploit Microsoft’s logo in tech support scams.

In its 2025 State of the Underground report, Bitsight TRACE found that ransomware activity continued to escalate in 2024, with a 25% increase in unique victims listed on leak sites and a 53% increase in the number of ransomware group-operated leak sites. The report also observed a 43% increase in data breaches shared on underground forums, with nearly one in five victims based in the United States. These findings highlight a continued upward trend in cyberattack activity.

According to a new Ponemon study, weak file protections now account for several cybersecurity incidents a year for many organizations. Unsafe file-sharing practices, malicious vendor files, weak access controls, and obscured file activity are largely to blame. File Integrity Monitoring (FIM) could be the solution.

Social media is so deeply intertwined into our lives that as our online presence grows, so does the opportunity for cybercriminals to exploit it. Our data shows just how widespread social media hacking is and who hackers typically target.

We found a path traversal vulnerability in Smithery.ai that compromised over 3,000 MCP servers and exposed thousands of API keys. Here's how a single Docker build bug nearly triggered one of the largest AI supply chain attacks to date.

In 2025, 36 years after the first ransomware attack was recorded, actors continue to zero in on the public sector, and there is no evidence they will slow down any time soon. In fact, our numbers suggest that ransomware attacks against government organizations are ramping up, causing crippling service outages, massive data loss, reputational damage, public distrust, and financial harm.

Netwrix’s culture of innovation thrives on curiosity, collaboration, and accountability. From integrating AI across development and customer experience to fostering cross-team creativity, innovation here moves sideways as much as it does down. During Innovation Week, leaders explore how AI and the 1Secure Platform are redefining data and identity security for the future.

Every time someone clicks “accept cookies,” a new layer of risk begins. What appears to be a simple consent interaction can activate dozens of unseen third-party scripts that collect, share, or store user data beyond your control. For marketers, cookies power analytics and personalization. For privacy and security professionals, they often create compliance gaps and data-security blind spots.

Learn how to make your website HIPAA compliant in 2025 with 30+ checklist items, from BAAs and access controls to client-side monitoring and audit-ready evidence.