Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SenseOn has detected a large increase in the Lumma Stealer malware targeting customers over the past few months. Unlike traditional malware strains, Lumma Stealer has been leveraging a unique, and increasingly effective, access vector of fake CAPTCHA verification prompts. These deceptive prompts trick users into running malicious commands on their device eventually injecting malicious processes into legitimate programs. This attack vector is expected to become even more prevalent throughout 2025.

Vendors increasingly claim to offer SecOps platforms. Yet, their solutions are so different from each other that buyers find themselves wondering what the term “SecOps platform” even means. We’d like to give a straightforward answer to that question.

A look back at 2024: A year of breakthroughs, advancements, and unwavering commitment to elevating NHI and secrets security for organizations.

The AI space is developing rapidly but is still largely uncontrolled. According to The State of Trust Report 2024, 62% businesses plan to invest more in AI security in the next 12 months. ‍ The good news is that AI security can now be better implemented with the help of many authoritative new AI standards and frameworks rolled out in the past few years. The aim with any of these standards is to remove the uncertainty around AI systems and ensure responsible implementation.

Fuzz testing is most commonly classified based on its analysis approach. The two main categories of fuzz testing solutions are white-box and black-box fuzzers. In this blog, we explain the difference between approaches as well as their main features.

TL;DR: The new EU cybersecurity directive, NIS2, is already reshaping how software suppliers do business through stricter vulnerability management requirements in procurement contracts. This shift is gaining momentum, and more companies will need to adapt. Aikido helps automate compliance reporting and vulnerability tracking to meet these new demands. Start your free compliance journey here, or read on to understand what this means for your business.

The year 2025 started with a bang, with these cybersecurity stories making headlines in the first few days: As the global threat landscape intensifies, the need for in-depth research and information sharing has never been greater. Our mission at CyberArk Labs is to empower cyber defenders with threat insights that help strengthen their identity security strategies.

The Digital Operational Resilience Act (DORA) is a disruptive policy that came into effect in January 2025 with the objective to boost the cyber resilience of financial institutions in the European Union. As digital transformation increases, it is crucial to ensure the availability, integrity, and confidentiality of critical IT systems to sustain financial market trustworthiness and stability.

The growing use of AI outside and within organizations is rapidly changing the threat landscape and impacting our approach to threat detection, investigation, and response. As we kickoff 2025, the following three trends suggest that cybersecurity practitioners must continue to advance their use of threat intelligence and are making important progress on that front.

In today’s rapidly evolving digital landscape, securing software systems has never been more critical. Cyber threats continue to exploit systemic vulnerabilities in widely used technologies, leading to widespread damage and disruption. That said, the United States Cybersecurity and Infrastructure Agency (CISA) helped shape best practices for the technology industry with their Secure-by-Design pledge.