Prompt Injection Attacks in LLMs: Complete Guide for 2026

In February 2023, a Stanford University student conducted a study that turned into one of the most widely followed security tests in AI history. Kevin Liu performed a simple prompt-injection attack, tricking Microsoft Bing Chat into disclosing its internal codename, Sydney, and exposing the entire list of its system prompts. The attack utilized no high-end toolkit, no zero-day, and no privileges, only specially crafted natural language.

Pegasus Spyware November 2025: A Deep Dive into ' Shadowy Surge and the Global Surveillance Crisis

In the digital age, where a smartphone holds the keys to our lives—messages, photos, locations, secrets—few threats loom as insidiously as Pegasus. Developed by Israel’s NSO Group, this zero-click spyware doesn’t need you to tap a link or download a file. Instead, it slips in silently via a missed iMessage, a WhatsApp call you ignore, or a system notification you never see.

The Ghost in the Machine: How a Multi-Stage Phishing Campaign Evades Security to Steal Microsoft 365 Credentials

Since November 3, 2025, KnowBe4 Threat Labs has been monitoring a highly sophisticated, multi-stage phishing operation that is actively targeting organizations to steal employees’ Microsoft 365 credentials. The campaign has been engineered to bypass traditional email security defenses, such as secure email gateways (SEGs), and multi-factor authentication (MFA) tools.

Report: Sophisticated Fraud Attacks Are on the Rise

Sophisticated online fraud techniques are growing more accessible to unskilled attackers, driven by AI tools and fraud-as-a-service platforms, according to Sumsub’s latest Identity Fraud Report. “While the volume of attacks remains staggering, the nature of fraud is shifting,” the researchers write.

From Zero to RCE: How a Single HTTP Request Compromises React and Next.js Applications

On December 3, 2025, the React team disclosed CVE-2025-55182, a critical remote code execution vulnerability in React Server Components. The flaw carries a CVSS score of 10.0, the maximum severity rating. What makes this vulnerability particularly dangerous is its simplicity: attackers only need to send a single crafted HTTP request to gain complete control over vulnerable servers. No authentication required. No complex exploit chains. Just one malicious request.

Why Customer Support Teams Need Modern DLP for Zendesk

Customer support teams face an impossible paradox: they need to help customers quickly, but customers routinely share sensitive information that creates compliance risks and security exposure. Credit card numbers pasted into chat. Driver's licenses attached to verification tickets. Medical records uploaded to troubleshoot healthcare apps. Social security numbers submitted through web forms. Traditional DLP wasn't built for this reality.

How Firebox and FireCloud Boost Security in Hybrid, Distributed Environments

A few weeks ago, a cyberattack shut down operations at the Japanese brewery Asahi, disrupting its supply chain and affecting product availability across the country. Incidents like these often take advantage of the complexity of distributed infrastructures, where insufficient segmentation between OT (Operational Technology) and IT (Information Technology) environments lets threats spread laterally uncontrolled.

The New AppSec Reality: AI Anxiety, Silent Flaws, and Supply Chains

We recently published a series of polls across our social channels to get a pulse on some of today’s application security concerns with AI. These recent conversations with our community reveal a clear and urgent shift in the application security landscape. Results show that while established challenges like software supply chain security remain top of mind, the rapid pace of AI has created a new center of gravity for anxiety.

7 Tips for Just-in-Time Privileged Access Management You Need to Implement Today

Managing access can become tedious and clunky. Someone always ends up with too much power, someone else is locked out when something’s on fire, and no one remembers who approved what in the first place. It’s the slow creep of “we’ll fix it later.” However, that “later” is catching up.

SOAR in the AI era: How SAP uses intelligent workflows to build an AI SOC

SOAR was created to help security teams work faster and more consistently by automating and orchestrating core security operations. It has always had to adapt to new and evolving technologies, but our current AI era has brought about a turning point. As cloud environments scale, manual playbooks can’t keep up. Now, it’s not enough to automate. We need systems that can understand the context they’re running in and adapt accordingly.