Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

New details are emerging in recent weeks on how the Crimson Collective threat group has been conducting a large-scale campaign targeting Amazon Web Services cloud environments. Recent reports highlight how easily the attackers progressed once they obtained valid credentials. The Crimson Collective claims to have exfiltrated ~570 GB across ~28,000 internal GitLab projects; Red Hat has confirmed access to a Consulting GitLab instance but hasn’t verified the full scope of those claims.

The digital landscape across Asia/Pacific (excluding Japan) (APEJ) is characterized by rapid growth in the acceptance of Managed Detection and Response (MDR), and driven by a corresponding surge in cyber threats, according to IDC’s just released report IDC MarketScape: Asia/Pacific (Excluding Japan) Managed Detection and Response Services 2025 Vendor Assessment. IDC recognized Trustwave, A LevelBlue Company, as a Leader in the report.

OpenAI, the people behind ChatGPT, have launched an updated AI video- and audio-generation system with fascinating, and terrifying, implications for the spread of deepfakes.

The conversation about AI in cybersecurity is missing the point. While the industry has been focused on the emergence of AI-generated phishing emails, perhaps a far more profound shift has been somewhat ignored. Your workforce is no longer just human. It's a hybrid team of people, AI agents, copilots, assistants and digital partners. This creates a new and complex attack surface. The next great security challenge isn't just protecting a human from a machine.

Manufacturing is the core of the global economy, yet it is the most attacked industry today. And while much of the attention falls on external attackers, an equally dangerous risk comes from within. This article explores the unique cybersecurity challenges manufacturing organizations face, shows you real-life examples of manufacturing data breaches caused by insiders, and provides seven key measures to help you build a resilient insider threat program.

I’m not one to blog, but speaking with clients, peers, and colleagues, I often hear statements like “SIEM is dead” or “this is the SOC of the future.” So what do they really mean? Honestly, I’m not entirely sure either — there are so many conflicting viewpoints and ways of addressing this.

A critical CVE-2025-61882 Oracle E-Business Suite vulnerability is under active exploitation by the Cl0p ransomware group. This unauthenticated remote-code-execution (RCE) vulnerability — CVE-2025-61882 — in Oracle E-Business Suite (EBS) was patched by Oracle in October 2025 and is being actively exploited in the wild. Multiple security vendors attribute attacks to Cl0p/associated ransomware extortion campaigns and Oracle has published an emergency Security Alert.

In October 2025, a critical zero-day vulnerability was disclosed in Oracle E-Business Suite (EBS), tracked as CVE202561882, which allows unauthenticated remote code execution (RCE). This vulneraility affects versions 12.2.3 through 12.2.14 and has already been actively exploited in the wild by the Cl0p ransomware group and potentially other threat actors.

Ask anyone on the outside of information security what the most important part of the industry is, and you’ll get a lot of different answers, but among them will be cryptography. Using strong encryption to hide information where it can’t be accessed without the proper authorization makes a lot of sense, and the idea of strong cryptography has saturated popular culture.

When the day wrapped up at the Commonwealth Club, one thing was clear: we are in a moment unlike anything the security community has faced before. Hundreds of practitioners and thought leaders from around the world came together, and the turnout alone showed just how urgent and relevant this topic has become. Michael Bargury opened his keynote with a question that lingered well past the event: Are we actually making progress in securing agents?