Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Our threat-hunting team just uncovered a mass-produced remote DNS-manipulation campaign that hijacked an entire nameserver (NS) delegation belonging to a Fortune 500 company. Within hours, the attacker used that foothold to create over 9,500 brand-new subdomains, all resolving to the same criminal infrastructure serving illicit gambling pages.

AI is no longer a futuristic concept – It has now become the core of how modern businesses are operating. Starting from chatbots to analytics, generative content to automation, AI is across every sector of business. As AI usage increases, the risks and regulation are also increasing.

The companies winning with AI aren’t just deploying agents faster - they’re operationalizing them responsibly. They realize AI agents are creating a new, dynamic attack surface that traditional tools were never designed to handle. These agents span the entire enterprise ecosystem. Microsoft 365 Copilot, Copilot Studio, and Salesforce Agentforce are SaaS‑managed agents. GitHub Copilot, Cursor, and Claude desktop run directly on user devices as device‑based agents.

The BlueVoyant Security Operations Center (SOC) recently responded to a client’s user accessing a potentially malicious link that further research identified as part of a recent, robust campaign aimed at stealing Twilio SendGrid credentials. The attack was investigated by BlueVoyant’s Threat Fusion Cell (TFC) to understand how it can bypass email filters, and how it likely targeted IT departments.

With evolving cyber threats and rapidly advancing technologies, today’s SMBs have no choice but to modernize their networks to stay secure, efficient, and competitive. WatchGuard is ready to support them with the launch of the next-gen Firebox Tabletop Series: Future-ready firewalls built for how businesses operate now and where they’re headed next.

In today’s interconnected world, organisations must rely on a foundation of trust to keep operations secure, trust in their systems, processes, partners, and most critically, their people. After all, employees are granted access to sensitive data, infrastructure, and decision-making channels that keep a business running.

APIs are essential in today's digital landscape, supporting everything from mobile apps to vital backend systems. As their importance grows, they also become attractive targets for advanced attackers who bypass traditional security methods. These adversaries do not simply exploit API flaws; instead, they mimic normal user behavior to launch subtle, slow-and-low attacks that are difficult for conventional tools to detect.

Tech companies love a good framework, especially ones that promise structure, transparency, and alignment with internal standards. Zoom’s Vulnerability Impact Scoring System (VISS) is one of those. It’s designed to translate internal security policies into a scoring model that supports impact-based decision making, particularly for bug bounty programs and external disclosure workflows. On paper, that sounds useful. But in practice, it doesn’t scale.

We’re proud to announce that Netacea has once again successfully completed our SOC 2 Type II audit, marking our fifth consecutive year achieving this important milestone in data security and trust. SOC 2 compliance isn’t a checkbox exercise. It’s a rigorous, independent validation of how seriously we take the responsibility of protecting customer data. For five years running, Netacea has demonstrated our commitment to operating securely, reliably, and transparently.

You update your antivirus. You install that fancy EDR. You think you’re safe. But, surprise, Hackers are still getting in without triggering a single alarm. By hijacking trusted apps and making them load malicious code, voluntarily. This sneaky move is called DLL Sideloading, and it’s becoming the cybercriminal’s favourite backdoor. Sounds horrifying? It is. But here’s the good news for you. If you understand how DLL sideloading works, you can catch it before it wrecks your system.