Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Why the Gartner Critical Capabilities for SIEM report belongs in every buyer's toolkit

Have you ever wished for a tool that could guide you, even on the foggiest days? That was my father’s compass. He carried it not because it told him where he was, but because it reminded him where true north was. I spent twelve years in the U.S. Navy as a cybersecurity practitioner, and that same compass has stayed with me. And in the world of SIEM and threat detection, the Gartner Critical Capabilities for Security Information and Event Management (SIEM) report feels like that compass.

How Tines helps organizations align with the EU Artificial Intelligence Act

The EU Artificial Intelligence Act (AI Act) introduces the world’s first comprehensive regulatory framework for artificial intelligence. It defines clear rules for how AI systems are built, deployed, and monitored, focusing on risk management, data governance, transparency, and accountability. Any organization offering AI-powered products or services to EU users (or processing EU data) must comply.

Calico Whisker in Action: Reading and Understanding Policy Traces

Kubernetes adoption is growing, and managing secure and efficient network communication is becoming increasingly complex. With this growth, organizations need to enforce network policies with greater precision and care. However, implementing these policies without disrupting operations can be challenging. That’s where Calico Whisker comes in. It helps teams implement network policies that follow the principle of least privilege, ensuring workloads communicate only as intended.

UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities

Threat Actor Name: UNC6384
Targeted Industries: Government, Diplomatic Services
Geographic Focus: Hungary, Belgium, Serbia, Italy, Netherlands (broader European diplomatic community)

How to Make Payment Forms PCI Compliant and Secure Against Formjacking Under PCI DSS 4.0.1

Formjacking involves malicious code injected into payment forms that captures credit card data during transactions. The form functions normally, the payment completes, and nothing unusual appears in server logs. This happens in the browser, outside the reach of traditional server-side security controls. PCI DSS 4.0 requirements 6.4.3 and 11.6.1 extend compliance to the client side to address this.

Introducing Seemplicity's AI Agents for Exposure Management: A New Era of Action

Security teams don’t struggle to find exposures – they struggle to fix them. The new Seemplicity AI Agents change that. Integrated into the Exposure Action Platform, they combine intelligence and automation to help teams move faster, stay aligned, and reduce risk. From clear findings and ownership mapping to guided fixes and executive insights, Seemplicity’s AI Agents make exposure management truly action-driven.

Protecting the Systems that Sustain Us: Securing Critical Infrastructure During Cybersecurity Awareness Month

To close out the Cybersecurity Awareness Month 2025 coverage from Trustwave, A LevelBlue Company, we will take a look at securing critical infrastructure, one of the focus areas for the Cybersecurity and Infrastructure Security Agency (CISA). For our complete coverage, please see: Cybersecurity Awareness Month 2025: The Value of MSSPs and Cybersecurity Awareness Month 2025: 4 Steps to Build a Cyber Strong America.

Securing your CI/CD Pipelines with GitHub Actions: DevSecOps in Action

When people talk about securing software, they typically refer to two distinct aspects: the code itself, or the servers it runs on. That makes sense. Those are the most visible parts. But what actually holds everything together isn’t either of those. It’s the pipeline in between, the system that moves code from an idea in a developer’s head to something running in production. The CI/CD pipeline can be easy to overlook because it often feels invisible.

Corelight's enhanced threat detection: staying ahead of evasive threats

In today's rapidly evolving cybersecurity landscape, organizations face unprecedented challenges. Cyber threats are not only increasing in volume but are also becoming more sophisticated and evasive, using AI themselves to enhance their attacks. The attack surface has expanded dramatically, while Security Operations Centers (SOCs) are often left with fewer resources to combat these growing threats.