Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Client-side skimming attacks have a boring superpower: they can steal data without breaking anything. The page still loads. Checkout still completes. All it needs is just one malicious script tag. If that sounds abstract, here are two recent examples of such skimming attacks: To further our goal of building a better Internet, Cloudflare established a core tenet during our Birthday Week 2025: powerful security features should be accessible without requiring a sales engagement.

Navigating the labyrinth of the U.S. federal procurement system, especially for Defense Industrial Base (DIB) companies, can be challenging, particularly when trying to meet stringent cybersecurity compliance standards like the Cybersecurity Maturity Model Certification (CMMC).

Where AI in the SOC is actually delivering — and where it isn’t“We’ll have a generation of security professionals who can supervise AI but can’t function without it." For all the noise surrounding “agentic AI” in cybersecurity, security operations centers are still wrestling with the same fundamental questions: What does AI genuinely improve today? Where does it fall short? How can organizations tell the difference?

A phishing campaign targeting multiple organizations led to RMM installations – but not much else (yet). A threat actor experimenting, or an access-as-a-service attack underway? Sophos’ Managed Detection and Response (MDR) teams reported on a phishing campaign late last year that attempted to trick users into installing LogMeIn Resolve (formerly GoToResolve), a remote monitoring and management (RMM) tool, to acquire remote unattended access.

On March 31, 2026, two malicious versions of axios, the enormously popular JavaScript HTTP client with over 100 million weekly downloads, were briefly published to npm via a compromised maintainer account. The packages contained a hidden dependency that deployed a cross-platform remote access trojan (RAT) to any machine that ran npm install (or equivalent in other package managers like Bun) during a two-hour window. The malicious versions (1.14.1 and 0.30.4) were removed from npm by 03:29 UTC.

The world of cybersecurity is experiencing a shift as adversaries continue to refine their techniques. In 2025, cybersecurity teams will confront a host of new challenges that demand proactive and adaptive responses. Tabletop exercises offer an excellent opportunity to simulate incidents in a controlled environment, allowing teams to evaluate and improve their incident response plans.

Mobile Device Management, commonly known as MDM, is how organizations manage, secure, and monitor mobile devices that access corporate data and applications. It helps IT teams keep smartphones, tablets, and laptops safe while allowing employees to work productively.

An employee receives what looks like a routine email. Maybe it’s a shared document link, a shipment update, or a tool they already use. Nothing feels off. They click. Within seconds, a malicious script runs in the background. No warning. No alert. And the firewall? It didn’t block it. This isn’t an edge case. It’s how many modern attacks actually begin. Not by breaking in, but by being let in. Traditional network defenses were built to block external threats at the perimeter.

The quiet shift no one talks about. Something happened over the past few years that most MSPs didn't plan for. Their customers moved to Microsoft 365, adopted Entra ID as their identity provider, and started using Microsoft Authenticator for MFA. It made sense at the time. It was simple, it was included in the license, and it worked. But somewhere along the way, a strategic decision was made by default. Microsoft became the identity provider, directory, credential store, and MFA provider. All at once.

We brought the message of Autonomous IT to the leading security show, and people took notice.