Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

From navigating hostile weather to safeguarding crew and cargo, resilience is embedded into every operational decision in the maritime industry. Today, however, a new and less visible threat is reshaping what resilience means at sea: cyber risk. Digital transformation is providing great value through satellite navigation, automation, real-time fleet management and integrated logistics. But this connectivity has also expanded the attack surface.

Contemporary threat actors employ sophisticated methodologies to execute advanced persistent threats that may remain undetected for extended periods. The evolving threat landscape necessitates comprehensive threat intelligence programs capable of transforming raw data into strategic threat intelligence. Organizations require structured processes that enable proactive security measures rather than reactive responses to cyber threats.

A remote workforce is defined as having employees who perform their work away from a traditional office setting. Commonly, remote employees work from home or some other location with internet access. A co-working space is another popular flexible remote work environment, offering a dedicated and professional setting outside the home or traditional office.

Spain's flag carrier Iberia Airlines disclosed a significant data security incident in November 2025 that should put all customers on high alert. The breach, which occurred through a compromised third-party supplier, has exposed personal information and created new risks for travelers who have flown with the airline.

This week marks the start of the 16 Days of Activism Against Gender Based Violence, a global campaign from 25th November to 10th December that calls for action to end all forms of violence against women and girls. For us, as a charity supporting people harmed through technology, this period is an important reminder that digital abuse is now one of the most common and damaging ways gender based violence is carried out.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! A bit of a nasty one eh?

Vulnerability in WhatsApp revealed billions of active accounts. Avast explains, why it’s important to keep your phone number private. When we think about protecting our personal data, we often think of our home address, passwords, or banking credentials. But a recent discovery of vulnerability in WhatsApp shows that our phone numbers deserve the same caution. For many of us, WhatsApp is the go-to app for quick communication. It's where we plan family dinners, send memes, and catch up with friends.

Infrastructure has always been the backbone of IT Operations, but its scope has expanded dramatically. Gone are the days when infrastructure meant only racks of on-premise servers and storage arrays. For many businesses, today's reality is a sprawling, interconnected landscape encompassing multi-cloud environments, modern software-as-a-service (SaaS) platforms, traditional data centers, and emerging edge workloads.

On November 18, 2025, a single configuration file change at Cloudflare disrupted access to large parts of the web. Around 11:20 UTC, Cloudflare’s network began returning a surge of HTTP 5xx errors. Users trying to reach services like X (formerly Twitter), ChatGPT/OpenAI, Ikea, Canva, and many others suddenly saw Cloudflare-branded error pages instead of the applications they expected. Cloudflare mitigated the issue, restored service, and published a detailed public report.