Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI agents are rapidly transforming enterprise operations. Unlike traditional software that follows fixed code paths, AI agents interpret prompts, form plans, select tools, and react to results in a continuous loop. At the heart of this capability is the agent's ability to actively select and execute capabilities based on natural language descriptions, schemas, and examples.

LABYRINTH CHOLLIMA is among the most prolific DPRK-nexus adversaries that CrowdStrike Intelligence tracks and is responsible for some of North Korea’s most notable intrusions including destructive attacks against South Korean and U.S. entities, and the global WannaCry ransomware incident.

January 28 marks Data Protection Day, a date rooted in one of the earliest milestones of the digital age: the anniversary of the 1981 signing of Convention 108, the first legally binding international treaty for data protection. What began as a European initiative has since evolved into a global observance recognized across North America, parts of the Middle East, and beyond.

In today's threat landscape, an effective endpoint protection platform (EPP) is the cornerstone of an organization’s security posture. Built on this foundation, the CrowdStrike Falcon platform has established itself as a pioneer of AI-native security, enabling organizations across every sector and size to unify and automate their defenses across endpoint, identity, cloud, and data.

As cloud applications, SaaS platforms, and GenAI tools shape most modern workflows, one physical channel presents an ongoing risk: removable media. USB drives, external devices, and other portable storage remain some of the easiest ways for sensitive data to leave an organization and some of the quietest ways for threats to enter it.

The architectural divide in cybersecurity is no longer theoretical. It's operational. Adversaries are deploying AI-accelerated attacks and moving laterally across domains faster than human analysts can correlate evidence. Meanwhile, defenders are adopting AI tools that accelerate individual tasks but still operate on fragmented data and require manual correlation across disconnected systems.

I’m delighted to announce CrowdStrike’s intent to acquire Seraphic, the leader in browser runtime security. With this acquisition, we will extend the power of the CrowdStrike Falcon platform into the browser to enforce security within sessions across any browser, on any device. The browser is already the operating system of the enterprise workforce, connecting apps, data, and identity.

As AI agents become increasingly prevalent across business environments, their security is a pressing concern. Among the insidious threats facing AI agents is tool poisoning, a type of attack that exploits the way AI agents interpret and use tool descriptions to guide their reasoning. In this blog, we explain how AI tool poisoning works, the different forms it can take, and how organizations can strengthen their defenses against this type of attack.

I’m excited to announce CrowdStrike’s agreement to acquire SGNL, a leader in identity-first security. This acquisition will extend CrowdStrike Falcon Next-Gen Identity Security to deliver continuous, context-aware authorization for human, non-human, and AI agent identities across SaaS and hyperscaler cloud environments. As risk conditions and threats change, access to applications, data, and AI agents should change with them.

At Fal.Con 2025, CrowdStrike introduced Threat AI, an agentic threat intelligence system of autonomous agents that reason across data, hunt for threats, and take action. As part of our vision for the agentic SOC, these AI-powered agents automate complex intelligence workflows so defenders can keep up with AI-powered adversaries while staying in control of every decision.